Hackers have breached the systems of the Southern and Eastern Norway Regional Health Authority (Helse Sør-Øst RHF), and possibly made off with personal information and health records of some 2.9 million Norwegians.
The breach was announced on Monday by the authority and it is still unknown if the attackers managed to access and exfiltrate patient data.
The first to notice that something was amiss was HelseCERT, the Norwegian healthcare sector’s national information security center, which detects unwanted events and traffic and reports them to affected actors. HelseCERT notified Hospital Partner HF, the company responsible for all ICT operations in Helse Sør-Øst RHF.
Cathrine M. Lofthus, the CEO of the Southern and Eastern Norway Regional Health Authority, said that measures have been taken to limit the damage caused by the breach, but that it hasn’t affected patient treatment or patient safety.
Read more about the breach of the Norwegian health authority, which is being investigated by Norway’s police, military intelligence and its National Security Authority on Help Net Security.