Sophiahemmet Hospital in Stockholm was subjected to a comprehensive cyberattack last winter. The hospital will now contact all individuals whose personal data is included in the material that was stolen.
The cyberattack on the hospital took place at the end of February. Days later, it emerged that the stolen data was being sold on the darknet.
The hospital's and police's investigations have now clarified which personal data is included in the stolen files.
"We are now personally informing all affected individuals. We deeply regret the inconvenience this may cause for individuals whose data was stolen from us in the hacker attack in February," says Peter Seger, CEO of Sophiahemmet, in a press release.
"The stolen material consists of administrative files. No medical records were affected by the attack," he adds.
However, the material did contain personal data, mainly personal identity numbers, which in some cases were linked to diagnosis codes or diagnoses.
Sophiahemmet immediately transitioned to entirely new IT environments directly after the attack was discovered. The hospital will not pay the ransom demanded by the hackers, according to the press release.
