Patient Dies After Hackers Hit ‘Wrong’ Hospital in Germany

September 30, 2022

INCIDENT

University Hospital Düsseldorf (UKD) in Germany suffered a cyberattack. Through an unpatched vulnerability, hackers penetrated the hospital’s network with ransomware, forcing planned and outpatient treatments and emergency care to have to occur elsewhere. A patient died after being forced to go to another hospital.

The ransom notes left on the hospital's encrypted servers were incorrectly addressed to Heinrich Heine University, rather than the hospital itself. After the police contacted the threat actors and explained that they encrypted a hospital, the ransomware operators withdrew the ransom demand and provided a decryption key.

Incident Date

September 10, 2020

Location

Germany

Estimated Cost

A patient died

Victims

Type of Malware

Threat Source

No threat source identified

References

Industries

Healthcare

Impacts

IT