Medical software firm urges password resets after ransomware attack

[Gandalf_The_Grey]

Medatixx, a German medical software vendor whose products are used in over 21,000 health institutions, urges customers to change their application passwords following a ransomware attack that has severely impaired its entire operations.

The firm clarified that the impact has not reached clients and is limited to their internal IT systems and shouldn't affect any of their PVS (practice management systems).

However, as it is unknown what data was stolen during the attack, threat actors may have acquired Medatixx customers' passwords.

Therefore, Medatixx is recommending that customers perform the following steps to make sure their practice management software remains secure:

1. Change user passwords on practice software (instructions).
2. Change Windows logon passwords on all workstations and servers (instructions).
3. Change TI connector passwords (instructions).

The firm explained that the above are precautionary measures, but they should be applied as soon as possible.

The software products whose users should respond to this emergency are the following:

• easymed
• medatixx
• x.comfort
• x.concept
• x.isynet
• x.vianova

According to Heise Online, Mediatixx solutions are used in about 25% of all medical centers in Germany, and this could be the biggest cyberattack ever to hit the country's healthcare system.

Moreover, the German news outlet speculates that the actors could exfiltrate user credentials from remote maintenance systems.

This incident is happening at the worst possible moment, as Germany is dealing with a record-high number of COVID-19 cases.

The pandemic already strains hospitals in the country, and the last thing they needed was losing access to essential support software tools or performing system-wide resets.