The medical services of Bremen and Lower Saxony work together in terms of IT services. This has now suffered a cyber attack and therefore had to stop many services and communication. Experts examine the systems. The attacker is not yet known.
The medical service (MD) Bremen and the MD Lower Saxony form an administrative community. MD Niedersachsen provides the IT infrastructure for both services. A few days ago, MD Lower Saxony became the target of an attack on its IT systems. According to the current status of the investigations, no access to data has taken place. Order processing is initially interrupted until the system has been checked and approved. For security reasons, the telephone lines, e-mail boxes and fax connections have also been blocked. Thus, the MD Lower Saxony and Bremen will not be available for the foreseeable future.
Paralyzed IT also affects insured persons
Due to the security incident, written assessments, home visits or physical examinations are temporarily suspended. Due to the precautionary isolation of the systems, no more data is exchanged via the DTA interfaces or e-mail. Reports and other documents cannot currently be sent or accepted. In many other areas, no regulated process is currently possible. To do this, the systems must first function completely again.
Attacker unknown to date
More than shutting down and isolating the systems is not known. The type of attack is also not known, whether it is a data stealer, ransomware or the exploitation of a vulnerability such as MOVEit software from Progress, which the AOK attacked, for example, was attacked by the APT group CLOP. This group has stolen masses of data from many companies and allegedly only wants to return it for a large sum.
More at MD-Niedersachsen.de