Skip to content

Hacker attack on the electronic patient record: Germany's disaster

In the spring of 2025, another security incident dominated headlines in Germany: the electronic patient record (ePA), a central element of digitalization in healthcare, was once again the target of hacker attacks. This incident sheds light on the massive problems associated with the widespread introduction of the ePA and raises the question of how secure the sensitive health data of millions of citizens truly is. The Electronic Patient Record: An Ambitious Project The ePA was introduced as a milestone in healthcare digitalization as part of the Digital Law (DigiG). Since April 29, 2025, it has been available nationwide for approximately 73 million statutory insured individuals, after a pilot phase in model regions such as Hamburg, Franconia, and parts of North Rhine-Westphalia was completed. The goal of the ePA is to store health data such as doctor's letters, lab results, medication plans, and X-ray images centrally and digitally. Insured individuals can access their data via an app from their health insurance company, manage access rights, and upload documents. Doctors,… 

more »Hacker Attack on Electronic Patient Record: Germany's Disaster

Gene analysis company pays millions in fines after cyberattack

US genetic analysis startup 23andMe has agreed to pay $30 million in damages to affected customers to settle a class-action lawsuit[1]. The settlement follows a massive data breach in 2023, in which criminals gained access to the data of over 6.9 million users[1]. Details of the incident The hackers apparently specifically targeted the genetic information of Ashkenazi Jewish and Chinese users[1]. In addition to direct customer information, data of potential relatives linked to the profiles via the "DNA Relatives" platform feature were also stolen[1]. Compensation and security measures In addition to financial compensation, those affected are expected to receive access to a security monitoring program for three years[1]. The company can only afford the $30 million compensation sum because it is expected that $25 million will be covered by insurance[1]. Chronology and extent 23andMe initially announced the data leak in October 2023, with the full...

more »Genetic analysis company pays millions in fines after cyberattack

Black Cat cripples drug supply

Nine days after a Russian-speaking ransomware syndicate crippled the largest US healthcare payment processor, pharmacies, healthcare providers, and patients were still struggling to fill prescriptions for medications, many of which are life-saving. ArsTechnica reports. "On Thursday, UnitedHealth Group accused a notorious ransomware gang called AlphV and Black Cat of hacking its subsidiary Optum," the magazine said, adding, "Optum offers a nationwide network called Change Healthcare, which allows healthcare providers to manage customer payments and insurance claims. Since pharmacies did not have an easy way to calculate which costs were covered by insurance companies, many had to resort to alternative services or offline methods." https://status.changehealthcare.com/incidents/hqpjz25fn3n7