The logo of Všeobecná zdravotná poisťovňa (VšZP), Slovakia’s largest public health insurer, stands on the door, (source: TASR - Pavol Zachar)
Všeobecná zdravotná poisťovňa (VšZP), Slovakia’s public health insurer, confirmed that it was the target of a Denial-of-Service (DoS) attack on Friday, January 24. The insurer described the incident as an attempt to disrupt its IT infrastructure, data, and services–a significant cyber event in its history, according to the organisation.
On Friday, when Slovakia saw mass anti-government protests, Prime Minister Robert Fico (Smer) and Health Minister Kamil Šaško (Hlas) described the attack as “massive,” claiming that hackers sought to access sensitive patient information, including diagnoses and medical procedures. Fico went so far as to label the incident a “textbook example of how disobedient governments are targeted,” referencing ongoing tensions with Ukrainian President Volodymyr Zelensky and the European Union.
However, VšZP’s subsequent statements suggest the scale of the attack may have been exaggerated. The insurer clarified that patient data remained secure and services continued without disruption. “The attack was effectively contained, and no infiltration of internal systems occurred,” VšZP stated.
Experts questioned Fico’s framing of the attack, noting that the nature of a DoS incident – overloading a website or service with traffic – is ill-suited for extracting data. Furthermore, VšZP did not report any significant outages, undermining claims of a severe operational impact.
Adding complexity to the narrative, the Sme daily reported a concurrent phishing campaign linked to Russia targeting VšZP clients, though this was unrelated to the DoS attack. Unlike the phishing operation, which aimed to steal financial details, the DoS attack focused on disrupting the insurer’s systems.
The insurer acknowledged that identifying the attackers is unlikely, a common challenge in cyber operations. Yet, Fico’s allegations of political motives echo his earlier, unsubstantiated claims that Ukraine was behind a separate ransomware attack on Slovakia’s land registry a few weeks ago.
As investigations continue, questions remain about the true scope and intent of the VšZP attack. A final report is expected within 30 days, potentially shedding more light on one of Slovakia’s most high-profile cyber incidents to date.
