eHealth: Trust service provider D-Trust informs about data protection incident
Data protection incident at D-Trust. The application portal for signature and seal cards for the healthcare sector is affected. Investigations continue.
There has been a data protection incident at D-Trust. Applicants should be vigilant.
(Image: Bundesdruckerei)
D-Trust GmbH suffered a cyberattack on January 13, 2025. The application portal for signature and seal cards was affected. Doctors, pharmacists, and other healthcare professionals need these to use digital services in the healthcare sector. For example, doctors can use an electronic health professional card (eHBA) to identify themselves to the telematics infrastructure – of the “health data highway” –. Doctors can use the eHBA to sign e-prescriptions or similar documents or store information in the electronic patient file.
Personal data of applicants may have been stolen during the attack. “Issued signature and seal cards were not compromised and can still be used. PINs, passwords, payment information and other systems are not affected,” reads a press release from D-Trust. In a letter, the managing directors inform their customers that the tapped data includes “first and last name, e-mail address, date of birth, address data (if applicable) and ID document number (if applicable)”.
Disruption of operations
Furthermore, the customer letter refers to an attack that was specifically “aimed at disrupting the business operations of D-Trust GmbH. Nevertheless, it cannot be ruled out that the possibly stolen personal data may also be used for fraud attempts.” The function and security of the certificates issued are also not impaired. D-Trust also calls on its customers to be vigilant, as the data could be used for fraud attempts. It also states that the function and security of the certificates issued are not impaired and that they can continue to be used as usual.
Videos by heise
Investigations underway
After becoming aware of the attack, D-Trust immediately took measures “to ensure the protection of data in the portal”. The supervisory authorities have been informed and a criminal complaint has been filed against unknown persons. The authorities and a security team are currently working on the investigation. “In light of the ongoing investigations by the security authorities against the attacker, we are unfortunately unable to provide you with any further information,” we were told in response to a request from heise online. The extent of the attack is therefore unclear.
(mack)
