A Dutch mental health clinic patient has been warned that her personal records were in the hands of hackers following a security breach at an online portal that “guarantees” her privacy.
Nedap, a technology company based in the Netherlands disclosed On October 25th, the company’s Carenzogt.nl portal was hacked. The portal is used by thousands of medical institutions across the country to share digital medical records and personal data.
The company said it became aware of the vulnerability in its Carenzorgt.nl system (aka “Caren”) on the morning of October 17th and “immediately fixed it.” However, subsequent investigation revealed that the vulnerability was exploited by hackers to gain unauthorized access to patient records.
among the victims 184 clients Mental health clinic Reinier van Arkel and Ypse in Den Bosch.
The incident echoes concerns after the 2020 attack on Finnish psychotherapy clinic Vasataamo. In this attack, hackers not only stole top-secret and sensitive notes from therapy sessions, but individual patients were threatened if they did not pay the ransom within his 72 hours.their personal information will be published online.
In that incident, hackers stole the psychotherapy details of thousands of patients, and eventually at least 2,000 victims published their session notes on the dark web.
Vasataamo’s CEO lost his job and the company declared bankruptcy the following year because the damage to its reputation could not be repaired.
Let’s hope the same fate doesn’t befall the treatment clinics affected by this latest breach. Because from the sound of things, the security failure was not with them, but with his Carenzorgt.nl portal in Nedap.
A ray of light was last week’s Dutch police 19-year-old man arrested related to hacking.
Authorities are said to be investigating whether the teenager may have sold the stolen data to others who might seek to monetize the sensitive data.