German IT provider Bitmarck shuts all internal systems following a cyber attack

German IT service provider Bitmarck suffered a serious cyber attack last week that caused major disruption to its daily operations and forced it to take all internal systems offline.

Based in Essen, Germany, Bitmarck provides IT solutions to regional public health insurance companies. As a full-service provider, the company also offers complete solutions for the introduction of the electronic health card (eGK), computer center services and services in the areas of advice and service, such as training or IT consulting.

Bitmarck last week put up a notice on its website’s home page, stating that it suffered a significant cyber security incident that forced it to take its customer and internal systems offline. The notice still appears on the home page, indicating that the company is yet to restore its digital resources.

“Bitmarck has actively and specifically taken customer and internal systems offline as a precautionary measure. Statutory health insurance companies that have their IT operated by BITMARCK are affected by the preventive measures in different ways,” the notice reads.

According to reports, the cyber attack affected Bitmarck clients’ ability to issue co-pay waiver checks, use the electronic patient file and deliver digital certificates. Bitmarck, however, stressed that it found no evidence of any data being stolen from the company’s database.

“Even if there were major restrictions for those insured by the health insurance companies, there was no outflow of data - neither at BITMARCK nor at customers or insured persons,” the company explained.

Bitmarck is working with internal and external security experts to investigate the cyber attack and understand the scope of the same. It is also working closely with “customers, the Federal Ministry of Health, associations, gematik, and other players in the healthcare market to process the incident.”

“The security of customer and policyholder data had and still has the highest priority, both when defending against the attack and when putting the systems back into operation. In the course of these measures, customers, especially statutory health insurance companies, as well as BITMARCK itself, experience significant technical disruptions and major restrictions in day-to-day business.

“In particular, the care of the insured is severely limited in terms of accessibility, advice and service - this also affects data exchange,” Bitmarck added.

The Cyber Express has reported that a group of threat actors using the umbrella name “LeakBase” has claimed responsibility for the cyber attack and has listed the company on its data leak site. The threat actors claim to have accessed hashed passwords, customers’ personal information, VIP customer and C-Level employee personal information, user, and employee personal information.

Earlier this month, Rheinmetall, one of Germany’s largest automotive and arms manufacturing companies, also suffered a cyber attack that affected its industrial customers in the automotive sector.

“Rheinmetall is currently investigating the extent of the damages and is in close contact with the relevant authorities. The failure does not affect the military business - Automotive Systems, Weapons and Ammunition, and Electronic Solutions. The extent of the damage is currently being determined,” a company spokesperson said last week.