PRESS RELEASE: Response FysioRoadmap on reporting about a possible data breach

UPDATE 30-9 11:21 am 

Since our previous reporting (see below) about the potential ransomware attack involving the name FysioRoadmap was mentioned, we have done further investigation. 

This study shows the following: 

  • There is no hack or data leak FysioRoadmap self-observed.
  • The incident is limited to one practice, where third parties illegally gained access to login details for their specific RDP archive environment through the practice. 
  • There are no clues that other customers or users have fallen victim to this attack.

We are working closely with the affected practice and supporting them in managing and resolving this incident. 

Important!: all data within the central FysioRoadmap-environments are safe. 

We continue to carefully monitor the situation in collaboration with Z-CERT and will provide additional updates as needed. 

If you have any questions, please contact us at media@fysioroadmap.nl.

PRESS RELEASE 28-9-2025

Today (September 28), several media outlets have reported on a possible ransomware attack involving the name FysioRoadmap is mentioned. We understand that this may raise questions from our customers and partners and would therefore like to explain the situation: 

  • Based on our research, it appears that no hack or data breach FysioRoadmap yourselfOur servers and data have not been compromised. 
  • The investigation revealed that the incident does not relate to FysioRoadmap Web-based or the RDP solution.  
  • Based on current information, it is likely a separate archive environment of one specific user, where data was stored locally and managed by the user himself. 
  • We are carefully monitoring the situation in collaboration with relevant parties, including Z-CERT (cybersecurity experts who help keep healthcare institutions digitally secure). 

FysioRoadmap offers customers three ways to use our software: 

  1. Web-based: fully managed and secured by FysioRoadmap.
  2. Archive version on FRM RDP servers: also centrally managed and secure.
  3. Archive version on local environment of the practice itself: where archive data is stored locally with the user and the security measures are managed by the user themselves. 

It appears that the current incident relates to this third variant, which is completely separate from the one reported by FysioRoadmap managed own systems. We want to expressly reassure our customers and partners: 

All data within the central FysioRoadmap-environments are safeWe also maintain backups in case data restoration is necessary. Should additional measures be necessary, we will take them immediately and communicate them to you. 

If you have any questions, please contact us at media@fysioroadmap.nl.