Cyber Incident Victim: Všeobecná zdravotná poisťovňa
Date:
Jan 2025
Location:
Slovakia
Summary
The incident involved a targeted denial-of-service attack against Všeobecná zdravotná poisťovňa's IT infrastructure, aiming to disrupt data and services. Despite the attack's intensity, no policyholder data breach occurred, with information remaining securely protected through multiple backups. Preventive measures led to temporary suspension of electronic services including mobile applications and eRecept functionality due to continued attack attempts, though healthcare provision remained unaffected throughout the event.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 3 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On January 24, 2025, Všeobecná zdravotná poisťovňa (VšZP), Slovakia's general health insurance provider, experienced a large-scale cyberattack targeting its IT infrastructure. The attack occurred around midday and was characterized as a targeted denial-of-service (DoS) incident aimed at disrupting the organization's digital operations and services. VšZP immediately activated its security protocols, leveraging existing cybersecurity measures that had been strengthened in response to observed increases in cyber threats. The organization confirmed no unauthorized access to policyholder data occurred during this incident, maintaining that sensitive health information remained protected through multiple redundant backups and robust security controls. Healthcare services continued uninterrupted despite the attack, with VšZP emphasizing that patient care systems remained operational throughout the event. The organization's public statement highlighted its continuous monitoring of cyber threat trends and implementation of preventive security upgrades as key factors in mitigating the attack's impact.
Between January 24 and January 29, 2025, VšZP faced additional attempts to compromise its systems, prompting further defensive actions. On January 28, the organization confirmed the initial attack's nature as a deliberate attempt to disrupt data, services, and infrastructure, while reiterating that no data exfiltration had occurred. By January 29, ongoing cybersecurity threats led VšZP to proactively suspend electronic services including its mobile application and eRecept prescription platform as a preventive operational measure. These service disruptions represented the primary operational impact of the sustained attack attempts, though VšZP maintained that core insurance and healthcare provision functions continued without compromise. The organization consistently emphasized its multi-layered data protection approach and the absence of healthcare service interruptions throughout its communications. No ransomware demands, data theft evidence, or specific threat actor attribution were disclosed in available statements. VšZP's response focused on maintaining system integrity through existing security protocols, temporary service suspensions, and continued monitoring without detailing specific technical remediation measures beyond referencing prior infrastructure hardening efforts.