Dutch Hospitals Face Disruptions After Ransomware Attack on Software Provider ChipSoft

What happened

A ransomware attack on ChipSoft disrupted digital services used by hospitals and patients across the Netherlands after the company was hit on April 7. As a precaution, ChipSoft disabled connections to several platforms, including Zorgportaal, HiX Mobile, and the Zorgplatform, while it restores systems in stages and issues new login credentials to users. ChipSoft is a major supplier of electronic health record systems in the country, and its HiX platform is used by about 70 percent of Dutch hospitals to manage patient records and communication between providers and patients. The company said the incident involved possible unauthorized access and that it could not rule out that patient data may have been accessed or stolen. Eleven hospitals reportedly disconnected ChipSoft software from their networks after the compromise.

Who is affected

The direct impact falls on Dutch hospitals, healthcare workers, and patients relying on ChipSoft platforms. Systems were reported unavailable at several hospitals, including Sint Jans Gasthuis, Laurentius Hospital, VieCuri Medical Center, and Flevo Hospital. Leiden University Medical Center also temporarily postponed rollout of a new patient record system supplied by ChipSoft.

Why CISOs should care

This incident matters because it affects a major healthcare software supplier whose systems are deeply embedded in hospital operations across the country. It also shows how a ransomware attack on a shared provider can create nationwide disruption, force hospitals to sever trusted connections, and raise immediate questions about patient data exposure even before critical care is directly affected.

3 practical actions

1. Review concentration risk in key healthcare suppliers: Identify where a single software provider supports large portions of clinical operations, patient communications, or record management across multiple sites.
2. Prepare to sever trusted connections quickly: Ensure hospitals and other healthcare organizations can disconnect VPN or platform integrations rapidly if a critical vendor is compromised.
3. Plan for continuity when digital health tools go offline: Make sure communication, service desk, and manual fallback processes can absorb disruption when patient-facing and provider-facing platforms become unavailable.

For more news about ransomware incidents disrupting healthcare operations, click Ransomware to read more.