Medatixx, a German medical software vendor whose products are used in over 21,000 health institutions, urges customers to change their application passwords following a ransomware attack that has severely impaired its entire operations. The firm clarified that the impact has not reached clients and is limited to its internal IT systems and shouldn’t affect any of its PVS (practice management systems).
However, as it is unknown what data was stolen during the attack, threat actors may have acquired Medatixx customers’ passwords.
In a statement issues by the organisation, it said that important parts of its internal IT system were encrypted, and as a result, its accessibility as well as the entire company operations are currently severely impaired.
Steven Hope, Co-founder and CEO at Authlogics, said: “The medical industry is home to some of the most lucrative and sensitive data available across any vertical. Not only is medical data subject to strict regulations, but it is also extremely valuable if it were to fall into the wrong hands. Medatixx was lucky that the ransomware attack in this instance did not compromise frontline operations, which could have had serious impacts on medical procedures and the organisation’s output.
“Its users should follow the advice to reset passwords, but a more long-term solution would be for organisations to engage in other forms of security and consider implementing Multi-Factor Authentication. Passwords do not fit the purpose for which they were designed, and have led to countless security incidents. Phasing them out would help to create a more secure passwordless environment for everyone.”