A massive trove of Norway's healthcare data may have been stolen by unknown hacker(s), which could likely impact almost half of the nation's population.
A healthcare organisation in Norway, Health South-East RHF, which manages hospitals in the nation's southeast region and reportedly serves around 2.9 million people, announced the data breach earlier in January.
Health South-East RHF said that Norway's CERT department for its healthcare sector alerted the firm about having detected "abnormal activity" in the region's computer network, which revealed "burglaries in computer systems". The group added that the hack is suspected to be the work of an "advanced and professional" hacker.
"This is a very serious situation, and measures have been taken to limit the damage caused by the burglary. There is close dialogue with the hospitals about this and there is so far no evidence that the burglary has had consequences for patient treatment, patient safety or patient data has been overlooked, but it is too early to conclude," CEO of Health South East RHF, Cathrine M Lofthus, said in a statement.
"The best resources in Hospital Partners are now working together with the foremost expertise in the country to get an overview and resolve the situation."
The director of Norway's ministry of healthcare, Bjørn Guldvog, deemed the data breach as serious, adding that the authorities are taking measures to ensure that any fallout caused by the breach is limited. However, Guldvog refrained from mentioning what measures had been taken to deal with the breach.
It still remains unknown as to whether hackers were able to successfully access and exfiltrate data and if so, how many people may have been impacted by the breach.
"We are in a phase where we try to get an overview. It's far too early to say how big the attack is. We are working to acquire knowledge of all aspects," director of the Norwegian security agency, National Security Authority (NSM), Kjetil Nilsen, told a local newspaper.