Almost 3 weeks ago, the health insurance company's own IT service provider Bitmarck was hit by a cyber attack. As a result, many company health insurance companies, such as the SBK, were paralyzed and have not been available by email, app or normal telephone to date. Currently only emergency numbers work. The first cash registers report that payments in the area of sickness and care allowance are possible again.
The IT staff at the health insurance companies can't do much else at the moment but wait for Bitmarck's repaired services. Because the IT service provider had to take entire data centers offline after the cyber attack at the end of April. The Bitmarck homepage still does not name what exactly happened.
IT service provider adesso was also attacked
Since Bitmarck also uses adesso's IT services, some media suspected a connection to the attack on adesso. However, Bitmarck has commented on this topic: one sees no connection with the attack on adesso. This statement is based on the current state of knowledge of the IT security experts and forensic scientists who are investigating the case and are accompanying the ongoing security measures.
The attack on adesso is probably related to a cyber attack in a different way: ITZ Bund, which provides ministries with IT services, was attacked, as were its three IT service providers adesso, Init and Materna.
Dozens of BKKs further offline
On the websites of dozens of company health insurance companies - BKKs - there are still instructions that you can only be reached via the emergency number, which, however, is very often massively overloaded. Sometimes there is also no access to files or the ePA - electronic patient file. Even sick leave often has to be done manually using a yellow note.
Even the BKK umbrella organization can say nothing more attackn. Many BKKs were hardly able to tell the customers they looked after anything new apart from the emergency number on their website, such as: Bahn BKK, BKK Linde, Bosch BKK, Siemens BKK (SBK), Audi BKK, Salus BKK, BKK Deutsche Bank , BKK VDN, BKK Faber Castell, WMF BKK, IKK Südwest, BKK Voralb.
Do you have a moment?
Take a few minutes for our 2023 user survey and help make B2B-CYBER-SECURITY.de better!You only have to answer 10 questions and you have an immediate chance to win prizes from Kaspersky, ESET and Bitdefender.
Here you go directly to the survey
There seem to be first signs of improvement: Many BKKs have not been able to pay out sickness and nursing benefits for a long time because there was no data access. It now seems to be partially working again. For health insurance companies that are based at the Munich operations center, there should be restrictions in day-to-day business for a long time. Since this data center was completely taken off the grid.
Bitmarck: The attacker is still unknown
It is also not possible to find out what exactly happened and who the attacker is. The relevant leak sites also offer no indication of which APT group carried out the attack and whether Bitmarck is being blackmailed. The company continues to state that no data was lost or extracted to the attackers.
Editor/sel
More at Bitmarck.de