Je browser is verouderd en geeft deze website niet correct weer. Download een moderne browser en ervaar het internet beter, sneller en veiliger!

About the ransomware counter

Z-CERT uses the counter to track ransomware incidents that have occurred in the European healthcare sector. These are ransomware incidents at healthcare organisations, not at their suppliers or partners. An incident is counted as a ransomware incident when one or more files have been encrypted by an actor who was not authorised to perform this action. In general, the actor is seeking financial gain, and the victim must pay a sum of money to obtain a digital key that can be used to reverse the encryption.

An incident is registered on this counter if:

  • The organisation appears on so-called "data leak" sites belonging to a known ransomware group.
  • The organisation announces the incident itself, for example via a press release or on its own website.
  • The organisation reports the incident itself to Z-CERT.
    Z-CERT learns from a reliable source that a ransomware incident has occurred at a healthcare institution.
  • The incident has been reported in the news and mentioned by several reliable news media. A condition is that the incident is not denied by the organisation that has suffered the incident.

Disclaimer

The counter is updated weekly. It is therefore possible that, at the time of your visit to this website, new ransomware incidents have been added that are not yet included in the counter. The number of incidents listed does not indicate how many incidents have actually occurred. The counter only counts incidents that have been made public in public sources monitored by Z-CERT and incidents reported to Z-CERT itself. Unfortunately, the actual number of ransomware incidents at healthcare institutions in Europe and the Netherlands will be higher.