The cyber attack at the IT service provider Bitmarck has disrupted the day-to-day business of some health insurance companies. However, no customer data is currently affected.
The IT service provider Bitmarck, which looks after numerous statutory health insurance companies in Germany, had to shut down its systems and disconnect them from the network for security reasons. “Bitmarck is currently repelling a cyber attack,” the company reported today on a temporarily switched company website. The security incident had already triggered defensive measures on Monday. First, the “taz” reported online about it.
Statutory health insurance companies affected
The Bitmarck company, based in Essen, said the attack also had an impact on the day-to-day business of some statutory health insurance companies. There are disruptions and restrictions, but no data from customers of the insurance companies is currently affected. The company did not provide any further information on the extent of the affected systems or the scope and duration of the defensive measures.
When asked by “taz”, a spokesman for the Federal Data Protection Commissioner confirmed that Bitmarck had reported a data breach this week. There is an obligation to report if companies assume that personal data has been lost or processed in a way that differs from data protection law.
Not the first hacker attack
It is not the first time that Bitmarck has been hit by a cyber attack. In January 2023, an attacker managed to extract data from around 300,000 online customers from various health insurance companies, which he offered for sale on the dark web.
Bitmarck is an Essen-based company that claims to provide technical infrastructure and software solutions for around 80 health insurance companies with a total of 25 million insured persons. These include the DAK, various company health insurance companies and guild health insurance companies. Bitmarck is also involved in the technical development and introduction of the electronic patient file.