Cyber Incident Victim: AZ Herentals

On or around April 1, 2022, AZ Herentals hospital experienced a cybersecurity incident involving unauthorized access to internal documents by an unidentified entity. The breach was disclosed to the hospital when an unknown group claimed responsibility for compromising a limited set of non-clinical documents. Hospital operations remained unaffected throughout the incident, with critical patient care systems like the Nexuzhealth-KWS electronic health records platform remaining fully secure and inaccessible to the attackers. AZ Herentals immediately initiated response protocols upon notification, prioritizing containment and investigation of the data exposure. The hospital engaged external cybersecurity experts to support its internal IT team in identifying the breach's entry point and securing vulnerabilities.

Authorities including Belgium's Data Protection Authority (GBA) and the federal police cyber unit were formally notified in compliance with regulatory requirements. While the exact scope of accessed documents wasn't publicly detailed, the hospital confirmed no medical records or patient treatment data were compromised. AZ Herentals committed to directly notifying affected individuals once forensic analysis concluded, emphasizing patient data protection as its highest priority throughout the response. The hospital established a dedicated communication channel through its Data Protection Officer ([email protected]) for patient inquiries, maintaining transparency while investigation and remediation efforts continued. No operational disruptions to medical services or patient care delivery occurred during or after the incident.