Named institutions hit
15+
confirmed, named
Est. patients at risk
~247k
named institutions only
% of NL population
~1.2%
named confirmed only
AP notifications
66+
actual scope likely higher
Awaiting communication
1
BovenIJ Ziekenhuis
Confirmed clear
26
not affected
⚠ NOS / ChipSoft update — 28 Apr 2026
Ransomware group Embargo claimed responsibility, threatening to publish 100 GB of patient data. On 28 April, ChipSoft announced that the stolen data has been destroyed and publication prevented — with technical verification by cybersecurity experts. ChipSoft has not disclosed whether a ransom was paid. Sources: NOS, 24 Apr · ChipSoft statement, 28 Apr.
✔ ChipSoft update — 28 Apr 2026
Recovery is well underway. ChipSoft confirmed on 28 April that the stolen data has been destroyed and that publication has been prevented. Systems — Zorgplatform, Zorgportaal and HiX Mobile — are being reactivated step by step following a thorough security analysis with Z-CERT. The majority of institutions can now use Zorgplatform again. See: informatie.chipsoft.com.
Breach impact map — precise GP locations + institution blast radii
Hospital / specialist
GP practice (named)
Awaiting communication
Not affected
Radius ∝ √population
Institution status
Estimated patient exposure — confirmed affected institutions
| Institution | Type | Location | Est. patients | % of NL | Basis |
|---|---|---|---|---|---|
| Oogziekenhuis Rotterdam | Specialist | Rotterdam | 60,000 | 0.335% | Confirmed — NOS / Volkskrant |
| Rijndam Revalidatie | Revalidatie | Rotterdam | 25,000 | 0.140% | Confirmed |
| Heliomare | Revalidatie | Wijk aan Zee | 20,000 | 0.112% | Confirmed: possibly affected |
| MKA Kennemer & Meer | Specialist | Haarlem | 15,000 | 0.084% | Patient letter sent |
| De Waag & Van der Hoeven Kliniek | Forensic psychiatry | Utrecht | 6,000 | 0.034% | ~6,000 clients confirmed |
| Huisartsenpraktijk Heikant | GP practice | Veldhoven | 5,875 | 0.033% | ~2.5 FTE — health centre |
| Huisartsenpraktijk De 1e Lijn | GP practice | Den Hoorn | 5,875 | 0.033% | ~2.5 FTE — 3 GPs on website |
| Medisch Kwartier Eindhoven | GP practice | Eindhoven | 4,700 | 0.026% | ~2 FTE — urban multi-GP |
| Huisarts Boschdijk | GP practice | Eindhoven | 4,700 | 0.026% | ~2 FTE — urban, 71 reviews |
| Mercuur Huisartsenpraktijk | GP practice | Eindhoven | 4,700 | 0.026% | ~2 FTE — urban health centre |
| Huisartsenpraktijk Van de Kerkhof | GP practice | Deurne | 2,350 | 0.013% | ~1 FTE — solo GP |
| Praktijk Hartendorp | GP practice | Schoorl | 2,350 | 0.013% | ~1 FTE — village, solo GP |
| Huisartsenpraktijk Terra Medici | GP practice | Maarheeze | 2,350 | 0.013% | ~1 FTE — village practice |
| Basalt (revalidatie) | Revalidatie | Den Haag / Zuid-Holland | 30,000 | 0.168% | 13 locations Zuid-Holland — ANP/Volkskrant |
| Fonkelzorg | GP organisation | Den Bosch / Noord-Brabant | 12,000 | 0.067% | Email to patients confirmed — Omroep Brabant / DTV Nieuws |
| Medisch Centrum Soerendonk | GP practice | Soerendonk | 2,350 | 0.013% | ~1 FTE — patient letter 17 Apr, signed Klinkers & Govaert |
| Adelante (revalidatie) | Revalidatie | Hoensbroek / Valkenburg | 15,000 | 0.084% | Own statement 16 Apr: possibly accessed — investigating (adelantegroep.nl) |
| Huisartsenpunt | GP organisation | Grathem / Heel / Ittervoort / Vlodrop | 16,450 | 0.039% | 7 locations (Dierdonk, Grathem, Heel x2, Ittervoort, Vlodrop, Weert) — own statement 17 Apr |
| Huisartsenpraktijk De Dommel | GP practice | Sint-Oedenrode | 4,700 | 0.026% | ~2 FTE — MooiRooiKrant / own website confirmed stolen |
| Meditta — MMC Echt | GP / specialist | Echt / Midden-Limburg | 8,000 | 0.045% | MMC Echt only — not all Meditta locations use HiX. Possibly accessed, investigating. |
| Total — named confirmed institutions | 247,400 | 1.38% | |||
| GP estimates use NZa cap of ~2,350 per FTE. FTE derived from opening hours, Google review volume, practice format and location. De 1e Lijn: 3 GPs named on website. Hospital/specialist figures are catchment estimates (NVZ, CBS). Does not include the 66+ additional institutions that filed AP notifications without public disclosure — actual scope is likely significantly higher. | |||||
Highly sensitive data — TBS & forensic psychiatric patients
De Forensische Zorgspecialisten (De Waag & Van der Hoeven Kliniek) confirmed data from approximately ~6,000 forensic psychiatric clients was stolen — including patients under court-ordered psychiatric detention (TBS). The organisation is notifying clients individually and organising information sessions at the clinics.
GP location methodology
Named GP practices are plotted at their exact geocoded address, with a blast radius based on the Dutch average of ~2,300 registered patients per practice.
Information sources
ChipSoft has published information about this incident at informatie.chipsoft.com. Additional data on this page is drawn from OSINT sources: individual institution websites, public AP filings, and reporting by NOS, Volkskrant, LHV, and Skipr. Where sources differ, both are noted. Readers are encouraged to consult primary sources directly.
Sources & status
Status based on institution websites, NOS, Volkskrant, ANP, LHV, L1 Nieuws, and Skipr as of 29 Apr 2026. GP addresses geocoded via Google Places. BovenIJ remains silent with portal offline. Forensic investigation by ChipSoft and Z-CERT ongoing. Independent awareness project — not an official communication.
Disclaimer — 29 Apr 2026
This page aggregates publicly available information from institution websites, official press releases, and media reporting. It does not make claims beyond what sources state. Named GP practices are plotted at geocoded addresses with a ~2,300 patient radius (Dutch average). GP practices are plotted only where a breach is confirmed or suspected. Population figures are estimates. This is an independent public-awareness project — not affiliated with ChipSoft, Z-CERT, or any healthcare institution. For official information, consult informatie.chipsoft.com and your own healthcare provider.
Sources
Official
ChipSoft informatiepagina ransomware-incident
informatie.chipsoft.com
ChipSoft FAQ — veelgestelde vragen
informatie.chipsoft.com/…/veelgestelde-vragen
De Forensische Zorgspecialisten — care continues after data incident
dfzs.nl
Media
NOS — Patient data confirmed stolen in ChipSoft hack
nos.nl/artikel/2610742
NOS — Hospital data leak cannot be ruled out
nos.nl/artikel/2610491
NOS — Healthcare organisations report patient data theft
nos.nl/artikel/2610854
NOS — Hackersgroep Embargo threatened to publish ChipSoft patient data
nos.nl/artikel/2611703
NOS — GP practices affected, no consequences for hospitals
nos.nl/artikel/2609591
LHV — Cyber incident at ChipSoft: what we know now
lhv.nl
L1 Nieuws — Noord-Limburg GP practices not affected (Cohesie)
l1nieuws.nl
Skipr — Ransomware attack hits EPR supplier ChipSoft
skipr.nl
Basalt revalidatie — information about ChipSoft hack
basaltrevalidatie.nl
AD Rotterdam — Rijndam warns patients: data possibly stolen in ChipSoft hack
ad.nl
Adelante — data breach at ChipSoft affects part of patient data
adelantegroep.nl
DTV Nieuws — Fonkelzorg patient data stolen in ChipSoft hack
dtvnieuws.nl
Omroep Brabant — Fonkelzorg and Heikant warn patients
omroepbrabant.nl
Omroep Zeeland — ADRZ and ZorgSaam not affected by data breach
omroepzeeland.nl
MooiRooiKrant — Huisartsenpraktijk De Dommel Sint-Oedenrode, patient data stolen
mooirooi.nl
Tweakers — ChipSoft admits patient data was stolen in hack
tweakers.net
NRC — Hackers force ChipSoft into slightly more openness
nrc.nl
Institution statements
Huisartsenpraktijken De Dommel (Sint-Oedenrode) — cyber attack notice
huisartsenpraktijkneulstraat.uwartsonline.nl
Mercuur Huisartsenpraktijk — patient portal problems
mercuur.praktijkinfo.nl
Medisch Kwartier Eindhoven — data stolen
medischkwartiereindhoven.nl
Huisartsenpraktijk Terra Medici — Maarheeze
terramedici.praktijkinfo.nl
Huisartsenpraktijk De 1e Lijn (Den Hoorn) — data most likely stolen
de-1elijn.nl
Huisarts Boschdijk Eindhoven — portal problems / data breach
mcboschdijk.nl
Meditta — MMC Echt cyber incident ChipSoft statement
medittaplein.nl
Huisartsenpunt — data confirmed stolen, official statement 17 Apr
huisartsenpunt.nl
Medisch Centrum Soerendonk — patient letter data confirmed stolen (PDF)
medischcentrumsoerendonk.uwartsonline.nl
Praktijk Hartendorp (Schoorl) — patient letter data incident (PDF)
huisartsenpraktijkhartendorp.nl
Huisartsenpraktijk Van de Kerkhof (Deurne) — patient letter data confirmed stolen (PDF)
hadeurne.nl
MKA Kennemer & Meer — patient letter cyber attack ChipSoft (PDF)
mkakennemerenmeer.nl
Bernhoven Ziekenhuis — data incident at ChipSoft
bernhoven.nl
Haaglanden MC — ChipSoft data incident, consequences for HMC
haaglandenmc.nl
Laurentius Ziekenhuis Roermond — actueel / ChipSoft statement
laurentiusziekenhuisroermond.nl
Wilhelmina Ziekenhuis Assen — cyber incident at ChipSoft
wza.nl
Slingeland Ziekenhuis — not affected by ChipSoft ransomware
slingeland.nl
Jeroen Bosch Ziekenhuis — no indications of data leak
jeroenboschziekenhuis.nl
Erasmus MC — cyber incident at ChipSoft supplier
erasmusmc.nl
SJG Weert — cyber incident at ChipSoft, care continues
sjgweert.nl
Sint Maartenskliniek — data incident at ChipSoft: latest developments
maartenskliniek.nl
LUMC — data incident ChipSoft: confirmed not affected
lumc.nl
VieCuri Medisch Centrum — patient data safe, EPD functioning normally
viecuri.nl
ADRZ — update patient portal, no data leaked
adrz.nl
Maastro (radiotherapie) — own statement: no indications of patient data impact
maastro.nl