Ransomware knocks Dutch healthcare software vendor offline • The Register

A Dutch healthcare software vendor has been knocked offline following a ransomware attack, officials say.

ChipSoft’s website went down on April 7 and remains unreachable at the time of writing. The company provides hospitals with patient record software, serving around 80 percent of all facilities in the country.

The ransomware element of the cyberattack was confirmed in an advisory penned by Z-CERT, the Netherlands’ computer emergency response team for the healthcare industry, and included in a statement published on Wednesday morning.

“On April 7, 2026, Z-CERT received notification that ChipSoft has fallen victim to a ransomware attack,” it said. 

“Z-CERT is in contact with ChipSoft, healthcare institutions, and our partners. We are working hard to assess the impact of the incident.”

The Register contacted ChipSoft for more information.

The group behind the attack is not yet known, and despite the disruption to ChipSoft’s public-facing services, the majority of hospitals the company serves are still able to use their patient portals.

The way in which ChipSoft’s software is used varies by customer; some use it for record-keeping more comprehensively than others.

Only 11 hospitals have pulled their software offline, nine of which are among the institutions that use the software more extensively, according to a survey by local news outlet NOS.

For hospitals and other healthcare partners concerned about the intrusion, Z-CERT recommends auditing ChipSoft systems for unusual traffic and disclosing anything suspicious via its reporting line.

In its annual landscape report, Z-CERT listed ransomware and extortion as the foremost concerns for Dutch healthcare organizations – threats that have not materially diminished in recent years.

The country suffered one of its worst breaches in 2025 after a Nova ransomware attack on Eurofins subsidiary Clinical Diagnostics, a cancer-screening laboratory.

Almost one million patients had their data stolen, including basic personal information, highly sensitive Pap smear results, and skin and urine test results.

Z-CERT also pointed to the January ransomware attack on Belgian hospital network AZ Monica as a more recent example of the danger cyberattacks pose to healthcare organizations.

Hospitals in Antwerp and Deurne were disrupted for days and were forced to turn away ambulances and transfer patients receiving critical care to neighboring facilities.

“Digital outage is not an abstract IT problem. It concerns people who need care,” said Wim Hafkamp, director at Z-CERT, advocating for hospitals to establish a disaster recovery plan.

“In Belgium, in January 2026, we saw how a cyberattack on a hospital led to prolonged system downtime and postponed operations. That directly affects patients and healthcare providers. Good preparation ensures that care can continue safely and carefully even then.” ®