Media Reports: Massive Data Breach of Norwegian Health Authority Could Impact 3 Million Patients | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

Media Reports: Massive Data Breach of Norwegian Health Authority Could Impact 3 Million Patients

January 19, 2018
by Heather Landi
| Reprints

International media outlets are reporting that a hacker or hacker group breached the systems of Norway’s Health South East EHF, potentially compromising the healthcare data of nearly 3 million patients, or about half of Norway’s population.

According to the publication The Inquirer, a UK-based technology-focused media brand, the breach was announced on Monday by the authority after it had been notified by HelseCERT, the Norwegian healthcare sector's national information security center, that there had been abnormal activity against computer systems in the region. The cyber attack took place on January 8.

“HelseCert said that data theft had taken place and that the hackers were 'advanced' and ‘professional',” according to The Inquirer article.

An article published in International Business Times today reported that the Norway’s Health South-East RHF manages hospitals in the nation’s southeast region, which comprises nine of Norway’s 18 counties. According to local press, Health South-East RHF is the largest of Norway's four healthcare regions with hospitals serving 2.9 million of the country's total of 5.2 million inhabitants.

The International Business Times article quoted a statement by Health South East RHF CEO Cathrine M. Lofthus: “This is a very serious situation, and measures have been taken to limit the damage caused by the burglary. There is close dialogue with the hospitals about this and there is so far no evidence that the burglary has had consequences for patient treatment, patient safety or patient data has been overlooked, but it is too early to conclude.”

Further, Lofthus said in the statement, “The best resources in Hospital Partners are now working together with the foremost expertise in the country to get an overview and resolve the situation.”

The IB Times article also reported that the director of Norway's ministry of healthcare, Bjørn Guldvog, deemed the data breach as serious, adding that the authorities are taking measures to ensure that any fallout caused by the breach is limited. However, Guldvog refrained from mentioning what measures had been taken to deal with the breach, the article stated.

"A number of measures have been implemented to remove the threat, and further measures will be implemented in the future," said Norway's Ministry of Health and Care in a statement.

It still remains unknown as to whether hackers were able to successfully access and exfiltrate data and if so, how many people may have been impacted by the breach.

“We are in a phase where we try to get an overview. It's far too early to say how big the attack is. We are working to acquire knowledge of all aspects,” director of the Norwegian security agency, National Security Authority (NSM), Kjetil Nilsen, told a local newspaper, according to the IB Times article.


Get the latest information on Health IT and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.

Learn More



KLAS Research: Small Hospitals’ Buying Decisions Impacting EMR Market Share

A new KLAS Research report tracks shifts in electronic medical record (EMR) vendor market share among acute care hospitals, and finds that smaller hospitals are seeking technology solutions that meet their needs and limited budgets, and these contracts are making a mark on the EMR market.

Survey: Majority of Providers Predict Success for New Generic Drug Company, Project Rx

Back in January, four health systems, in consultation with the VA, announced a collaboration to develop a new, not-for-profit generic drug company. A survey has found that 90 percent of providers say they would become customers of the new venture.

Personalized Medicine Awareness Low Among U.S. Adults, Survey Finds

Genetics and personalized medicine are not top of mind for the general public in the U.S., according to a recent survey from GenomeWeb and the Personalized Medicine Coalition.

Industry Organizations Praise Senate Passage of VA Mission Act

The U.S. Senate on Wednesday passed, by a vote of 92-5, a major Veterans Affairs (VA) reform bill that includes health IT-related provisions to improve health data exchange between VA healthcare providers and community care providers.

NIH Issues Funding Announcement for All of Us Genomic Research Program

The National Institutes of Health’s (NIH) “All of Us” Research Program has issued a funding announcement for genome centers to generate genotype and whole genome sequence data from participants’ biosamples.

MGMA: Physician Compensation Data Illustrates Nationwide PCP Shortage

Primary care physicians’ compensation rose by more than 10 percent over the past five years, representing an increase which is nearly double that of specialty physicians’ compensation over the same period, according to the Medical Group Management Association (MGMA).