Dutch healthcare hit by ransomware
A ransomware incident tied to ChipSoft disrupted logistics across Dutch healthcare institutions but did not cause reported critical patient‑care failures, according to recent coverage. The story highlights operational impacts like scheduling and records access that can follow supplier outages even when core clinical services continue. (thecyberexpress.com)
Dutch hospitals and clinics spent the past week working around a ransomware attack at software supplier ChipSoft, with patient portals and mobile tools knocked offline. (z-cert.nl) Z-CERT, the Dutch cybersecurity center for healthcare, said it was notified on April 7, 2026 that ChipSoft had been hit. On April 9, Z-CERT said ChipSoft had cut connections to Zorgportaal, HiX Mobile and Zorgplatform as a precaution and was bringing systems back in phases with new login credentials. (z-cert.nl) The disruptions landed inside a system many Dutch providers use for records, scheduling and patient communication. Z-CERT said hospitals added staff at service desks and phone lines and increased direct calls between institutions to keep work moving. (z-cert.nl) Z-CERT said no critical care processes had stopped as of its April 9 update. The Record reported the incident caused operational problems at multiple Dutch hospitals rather than reported failures in emergency treatment. (z-cert.nl) (therecord.media) Ransomware is a kind of digital extortion: attackers lock systems or steal data and demand payment. In healthcare, even a supplier outage can ripple into missed messages, slower scheduling and manual workarounds because hospitals depend on outside software to run daily operations. (ncsc.nl) (z-cert.nl) European officials have been warning that hospitals are a frequent target. The European Commission said in January 2025 that healthcare had been hit by more cyberattacks than any other industry in Europe over the previous four years, with ransomware singled out for delaying procedures and clogging emergency rooms. (therecord.media) The Dutch case also fits a supply-chain pattern, where one vendor’s outage spreads to many customers at once. BleepingComputer reported ChipSoft took its website and digital services for patients and healthcare providers offline after the attack. (bleepingcomputer.com) Dutch authorities have spent the past year pushing harder on ransomware response and recovery planning. The National Cyber Security Centre published its 2025 ransomware overview on February 25, 2026 and separately released disaster recovery guidance on February 5, 2026 for organizations rebuilding after incidents. (ncsc.nl) For now, the immediate picture in the Netherlands is a healthcare system still functioning, but with more work being done by phone, at desks and through fallback procedures while ChipSoft restores access. (z-cert.nl)
