Medatixx Hit with Ransomware Attack, Customers Need to Change Passwords ASAP
It Is Unknown what Kind of Information Was Stolen During the Attack.
Following a ransomware attack that crippled its whole operation, Medatixx, a medical software provider from Germany whose services are utilized in over 21,000 medical institutions, advises users to reset their application passwords.
In addition, to practice software, Medatixx offers additional solutions, including online appointment booking and video consultation hours, as well as services for practice IT and practice management software.
In the middle of last week, we were the target of a cyberattack in which important parts of our internal IT system were encrypted. As a result, our accessibility as well as the entire company operation are currently severely impaired.
Were the Customers Impacted?
The vendor explained that the damage has not reached customers and is restricted to their internal IT systems and that none of their PVS (practice management systems) will be affected.
As things stand, the attack was directed against Medatixx as a company, not against our customers. The functionality of the systems in your practice / your MVZ / your outpatient clinic is not affected according to the current state of knowledge.
Nevertheless, attackers may have managed to obtain Medatixx users’ credentials, as the company doesn’t know what information was stolen during the incident.
As a result of the attack, Medatixx advises clients to immediately take the following measures to secure their practice management software.
- Change user passwords on practice software (instructions).
- Change Windows logon passwords on all workstations and servers (instructions).
- Change TI connector passwords (instructions).
Mediatixx was hit by ransomware last week, and the organization is still recovering, with only e-mail and central phone services restored so far.
In addition, customers can contact company employees for any difficulties they may have since regional sales partners are available and all customer support lines are operational.
Unfortunately, no date has been announced for when the organization will resume normal functioning.
It is unknown whether the attackers were able to obtain any customer, physician, or patient information.
It is not known at this point whether or not, and to what extent any data was stolen. It can therefore not be ruled out that the data stored by us has been stolen.
As mentioned by BleepingComputer, Mediatixx products are used in about 25% of all healthcare facilities in Germany, and this could be the largest cyberattack ever to impact the country’s healthcare system.
This ransomware attack occurs at the most inconvenient time, as Germany is coping with a record-high number of COVID-19 infections.
How Can Heimdal™ Help?
In the fight against ransomware, Heimdal™ Security is offering its customers an outstanding integrated cybersecurity suite including the Ransomware Encryption Protection module, that is universally compatible with any antivirus solution, and is 100% signature-free, ensuring superior detection and remediation of any type of ransomware, whether fileless or file-based (including the most recent ones like LockFile).