A Norwegian healthcare provider is investigating an unauthorized intrusion into its IT systems which may have breached the personal data of over half the country’s population.

Helse Sør-Øst RHF (Health South-East RHF) delivers healthcare for the most populous part of the Scandinavian nation, including the capital, via 15 health trusts and a network of 19 pharmacies. This area is said to cover nearly three million of a population of a little over five million people.

The country’s healthcare IT security center, HelseCert, notified IT delivery partner Sykehuspartner HF (Hospital Partner HF) of “abnormal activity” at the beginning of the month, Health South East said in a statement last week.

The breach was perpetrated by an “advanced and professional” player, with police having been notified.

Measures have been taken to mitigate and remediate the threat, with HelseCert and national security authority NorCert leading the efforts.

The health authority claimed that there’s no evidence the data theft has put patient treatment or safety at risk, although it added that it is still too early to make a definitive assessment.

Either way, the incident isn’t on the same kind of scale as a government beach in neighboring Sweden revealed last year which is thought to have exposed highly sensitive information on infrastructure and the military — potentially to hostile states.

Infoblox director of Western Europe, Gary Cox, said the attack highlighted the increasing value placed on healthcare records by cyber-criminals. That’s why 85% of providers polled by the vendor in the UK and US said they’ve increased spending over the past year.

“It’s crucial that healthcare IT professionals plan strategically about how they can manage risk within their organization and respond to active threats to ensure the security and safety of patients and their data,” he added.

McAfee chief scientist, Raj Samani, warned that the affected patients may now be at risk from follow-on fraud attempts.

“The cybersecurity industry needs to work together to combat the growing rate of cybercrime targeting public services by making threat intelligence sharing compulsory so that they are best equipped to defend against this threat,” he urged.

“Once this is in place every attack will lead us a step closer to finding those responsible.”