Medatixx ransomware: thousands of doctors must change their passwords – economy

Amid a new wave of the corona pandemic and booster vaccinations, a hacker attack means additional problems for thousands of German medical offices.

Medatixx, based in Eltville in Hesse, successfully sells software for medical practices and is now the victim of ransomware, that is, extortion software. Medatixx announced that its mainframe was encrypted in the middle of last week. Such software takes the data on a computer system “hostage” and only makes it readable again for the owner once the ransom has been paid to the hackers. At least if the blackmail victim is lucky and the gangsters are having a good day.

Medatixx is now virtually invisible. The company’s central customer support has failed. Anyone who called the customer hotline on Tuesday morning heard only a recorded announcement: the company could not be reached due to a “technical malfunction”. Anyone who writes an email to the company receives an error message. The company’s announcement reads: “Investigative authorities and the data protection authority responsible for us are also involved.”

Medatixx has asked physicians using its computer programs to change their passwords. This affects thousands of doctors, because the company is not just any minor software vendor, but the number two in the industry in Germany behind Koblenz-based Compugroup. Medatixx claims a 28 percent market share. That amounts to over 20,000 practices, with 40,000 physicians and even more office staff.

It is true that the attack did not hit the practice computers themselves, but rather the central Medatixx system. However, it cannot be ruled out that “the data we store has been stolen”. That data could also include the passwords doctors use to secure access to their systems, where intimate x-rays, lab values, results, and prescriptions are stored.

Medatixx obviously wants to prevent hackers from breaking into the practice computers

This is why Medatixx calls on its customers to change “immediately” not only the password of the practice software, but also that of Windows and of the so-called TI connector, a specially secured router which is supposed to transmit data in a particularly protected manner. It connects the practice computers and their card readers to the telematics infrastructure (TI), which is used to digitally network the German healthcare system. Hospitals, pharmacies, doctors and health insurance funds have their own network, connected with special equipment.

Obviously, Medatixx wants to rule out hackers breaking into the practice computers themselves via the software vendor. From there, they could also infiltrate the telematics infrastructure, to which only legitimate practices have access.

Passwords are usually stored in encrypted form, but this encryption can often be cracked by sophisticated hackers. Those affected can find instructions on how to change passwords for different Medatixx systems and software products here. The company has yet to respond to a request for comment from SZ.

Although it is not yet clear whether individual practices or the IT infrastructure are now at risk, the precautionary mass password change shows how sensitive attacks are on companies connected to tens of thousands of other systems. Such attacks on central service providers that serve many others can be particularly devastating because they expose so many more targets all at once.
