Cyber Incident Victim: Nueva EPS
Date:
Jul 2025
Location:
Colombia
Summary
Nueva EPS activated its contingency plan after a cybersecurity attack targeted the external connectivity provider that supports its service channels. The provider reported a threat in a virtual environment, prompting immediate isolation of servers, containment of the activity and launch of forensic analysis, backup validation and reinforcement of security controls. As a result, the affiliate and provider phone lines experienced intermittent connectivity, complicating routine request handling. To maintain service continuity, the EPS made available a WhatsApp line, its mobile app, a web portal for provider authorizations, the hospital reference manager and affiliation verification for urgent care. It expressed regret for the inconvenience and affirmed its commitment to secure, timely access.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 0 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On September 26 2025, Nueva EPS reported a cybersecurity attack on its external connectivity provider, América BPS Outsourcing Transformation. The attack led to a threat detected in one of the provider's virtual environments. Nueva EPS activated its Incident Management Protocol. It isolated servers, contained the threat, and prevented propagation. The contingency plan was activated immediately upon detection. Technical teams performed validation of backups, forensic review of accesses, and reinforcement of controls.
The attack caused intermittent connectivity in the lines of attention for affiliates and health providers. This hindered the management of some requests. To minimize operational impacts, Nueva EPS ensured continued access to health services through temporary measures. Affiliates could use a WhatsApp line (321 445 9657) available from 7:30 a.m. to 5:00 p.m. for personalized assistance. The Nueva EPS mobile app remained available 24/7 for transactions, queries, and information with internet and active credentials. Health providers could use an enabled web portal for direct authorization management. The Hospital Reference Manager remained active for receiving and managing hospital referrals. Affiliation verification continued to serve as a guarantee of attention in emergencies or hospital requirements.
Nueva EPS expressed regret for the inconvenience. It thanked users and providers for their understanding and collaboration. It reiterated its commitment to secure, timely, and barrier-free attention. It indicated that it would inform through official channels when the service is fully restored.