Ransomware attack on German medical service provider medatixx

Sicherheit (Pexels, allgemeine Nutzung)[German]The German service provider for medical practices, medatixx GmbH & Co. KG, fell victim to a ransomware attack in the middle of last week. Not only the services for medical practices (doctor's offices) are is affected. Data of customers might have possibly been leaked as well. medatixx GmbH & Co. KG is responsible for 25 % of German doctors' offices.


The medatixx GmbH & Co. KG offers the software medatixx for medical practices , which, according to its own statement, fulfills all basic requirements of a doctor's office support software, and can be individually configured according to the doctor's requirements. In a statement (German) metatixx GmbH & Co. KG now confirms a ransomware attack.

Dear Sir or Madam,

Our company was the target of a cyber attack in the middle of last week, in which important parts of our internal IT system were encrypted. As a result, our accessibility and the entire company operations are currently severely impaired.

To protect our customers, employees and partners, we are taking all necessary steps together with IT security specialists to counteract the attack with targeted measures and eliminate its effects. The investigating authorities and the data protection authority responsible for us are also involved.

The focus of our activities is on restoring the availability of our central and regional support services as quickly as possible and on establishing the working capability of all other areas of the company that are essential for your practice operations.

According to the current status, the attack was directed against medatixx as a company, not against our customers. The functionality of the systems in your practice / your MVZ / your outpatient clinic is not affected according to current knowledge.

Whether data was also stolen is not known at the present time. But the company states, that since Nov. 3, 2021 a high traffic to unknown IP addresses has been detected. Therefore it can not be ruled out that data stored at the companies servers has been stolen. The company therefore expressly recommend that users change their passwords immediately as a precaution. They recommend:

  • Change the passwords for Windows logon at the workstations, on servers and in firewalls.
  • Change the passwords on the TI connector.

They also suggest to review the rules in place at the institution for dealing with Internet use and email and raise awareness again with the team. User should pay particular attention to suspicious attachments and links in e-mails; even if they bear the sender "medatixx".The company says, they will never ask you for data, passwords, etc. by e-mail.

Cookies helps to fund this blog: Cookie settings

This entry was posted in Security and tagged . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *