Dutch healthcare software vendor goes dark after ransomware attack

Steven

Dutch healthcare software vendor goes dark after ransomware attack

Summary

ChipSoft, a major Dutch supplier of patient-record software used by roughly 80% of hospitals in the Netherlands, went offline after a ransomware attack detected on 7 April 2026. Z-CERT, the Dutch healthcare CERT, confirmed the ransomware element and is coordinating with ChipSoft and affected institutions to assess impact. ChipSoft’s public website remains down but email services are reportedly functioning. Most hospitals continue to access patient portals, though 11 hospitals — nine of which use ChipSoft extensively — have taken systems offline as a precaution.

Key Points

  • Z-CERT confirmed a ransomware incident affecting ChipSoft on 7 April 2026 and is working with the vendor and hospitals.
  • ChipSoft serves around 80% of Dutch hospitals; public website is down but core portals remain operational for most customers.
  • Eleven hospitals have disconnected ChipSoft systems; those heavily reliant on the software are most impacted.
  • The attacker group has not been publicly identified and the extent of data compromise is not yet clear.
  • Z-CERT urges hospitals to audit systems for unusual traffic and to report suspicious activity via its reporting line.
  • The incident follows recent high-profile healthcare breaches in the region, underscoring ransomware as a persistent threat to patient care and safety.

Context and relevance

Ransomware remains a top concern for healthcare organisations in the Netherlands and beyond. Past incidents — including the 2025 Nova attack on Eurofins’ Clinical Diagnostics and January 2026 attacks on Belgian hospitals — show how cyber disruption can force service cancellations, ambulance diversions and direct harm to patients. This event highlights continued vulnerabilities in software supply chains and the need for robust disaster-recovery and incident-response planning across hospitals and vendors.

Author style

Punchy — this one matters. If you’re responsible for IT, risk or operations in a hospital or health-tech vendor, the details here directly affect patient safety and business continuity. Read the full reports and Z-CERT guidance if you’re in scope.

Why should I read this?

Look, it isn’t just tech drama — when hospital systems go south, real people feel it. If you work in healthcare IT, procurement, or run clinical services, this heads-up helps you check whether your suppliers have airtight recovery plans and whether your own teams are ready to keep care running if a vendor goes dark.

Source

Source: https://go.theregister.com/feed/www.theregister.com/2026/04/08/chipsoft_ransomware/