Image: Bitmarck / Twitter

Bitmarck, one of Germany’s largest IT providers, hit by cyberattack

Bitmarck, one of the largest IT service providers within Germany’s statutory health insurance system, announced on Sunday it had taken all of its customer and internal systems offline due to a cyberattack.

The nature of the attack has not yet been disclosed. In a statement on its temporary website, the company said no data theft has been identified, although it cautioned investigations by external experts were ongoing.

Bitmarck, which employs around 1,600 people, said that the customer and internal systems were taken offline as a precaution. It stressed that patient data it holds is specially protected and was not “endangered” by the incident.

Taking these services offline impacts a range of individuals and organizations associated with Bitmarck’s services, particularly those who rely on the company to issue electronic sickness certificates used in Germany to pay employees’ leave.

Bitmarck also warned that pharmacies it works with may also experience technical problems, although it said it was aiming to bring systems back online in a cautious manner to minimize this impact and the risk to clients.

In its statement, the company said disruptions were likely to continue “for the foreseeable future,” as entire data centers were taken offline and restarting these was likely to be accompanied by temporary service failure.

“We very much regret the inconvenience caused to our customers, service providers and insured persons and are working to restore the systems as quickly as possible,” the company stated.

It added that it could not identify the attackers due to ongoing forensic analysis and investigations by the authorities.

The cybersecurity incident in April follows another in January in which data belonging to more than 300,000 insurance policy holders was stolen from Bitmarck’s internal systems, as reported by Heise.

The company had initially claimed that no policyholder data had been stolen, although it later discovered that personally identifying information — including names, dates of birth, and insurance card identification numbers — was taken.

The company stated: “Unfortunately, cyber attacks on companies in Germany have increased significantly in recent years, currently by more than 20 percent per year.

“Of course, we take this attack as an opportunity to further improve our security protocols and to prevent similar attacks in the future. We work closely with our internal and external IT security experts to analyze, restart and reinstall our systems as well as to process the incident.”

Get more insights with the
Recorded Future
Intelligence Cloud.
Learn more.
No previous article
No new articles
Alexander Martin

Alexander Martin

is the UK Editor for Recorded Future News. He was previously a technology reporter for Sky News and is also a fellow at the European Cyber Conflict Research Initiative.