
ChipSoft says it has prevented stolen data from being published, and that the attackers have now destroyed it.
- Dutch firm ChipSoft says hackers stole patient medical records in a ransomware attack.
- The company claims the stolen data was later destroyed by the attackers.
- It is unclear whether any ransom was paid to secure the deletion.
- The case highlights risks from “double extortion” ransomware groups targeting healthcare.

Earlier this month, ChipSoft, a Dutch manufacturer of electronic patient record software, became the victim of a ransomware attack.
Initially, ChipSoft said it was unlikely that patients’ personal information was stolen or accessed, but it couldn’t rule it out either. A few weeks later, the software company concluded that the attackers did manage to steal personal data of patients from several Dutch healthcare institutions, including medical records.
The company now claims that all data that was exfiltrated has been deleted by the attackers.
“With the support of cybersecurity experts, we were able to prevent the data from being published. Furthermore, the stolen data has been destroyed. Our cybersecurity experts have confirmed that this destruction was carried out in a technically sound manner,” ChipSoft says on an updated page concerning the recent data breach.
All affected healthcare institutions have been informed about the destruction of the compromised data.
It remains unclear whether ChipSoft paid money to the hackers to erase the stolen data. However, the data breach's outcome seems to point to that conclusion.
According to Dutch news outlet NOS, a ransomware operation called Embargo is responsible for the incident. Last week, the group posted a message on the dark web, claiming that they stole 100GB of patient records from ChipSoft.
Embargo is a new and rather mysterious ransomware operation. It’s unclear who’s behind it and where it comes from. We do know that it has targeted the US health care sector as well.
Research has shown that the criminals behind the group avoid public branding and high-visibility tactics, helping them evade law enforcement and media attention. Embargo doesn’t only encrypt the digital files of their victims: it also downloads corporate information and threatens to release the data to the public. This is called a “double extortion” scheme.