German hospital hacked, patient taken to another city dies
German authorities say a hacker attack caused the failure of IT systems at a major hospital in Duesseldorf, and a woman who needed urgent admission died after she had to be taken to another city for treatment
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.German authorities said Thursday that an apparently misdirected ransomware attack caused the failure of IT systems at a major hospital in Duesseldorf, and a woman who needed urgent admission died after she had to be taken to another city for treatment.
The woman's death appeared to be the first resulting from a ransomware attack, even if indirectly so.
The Duesseldorf University Clinic's systems have been disrupted for a week. The hospital said investigators have found that the source of the problem was a hacker attack on a weak spot in “widely used commercial add-on software,” which it didn't identify.
As a consequence, systems gradually crashed and the hospital wasn't able to access data; emergency patients were taken elsewhere and operations postponed.
The hospital said that that “there was no concrete ransom demand.” It added that there are no indications that data is irretrievably lost and that its IT systems are being gradually restarted.
A report from North Rhine-Westphalia state's justice minister said that 30 servers at the hospital were encrypted last week and an extortion note left on one of the servers, news agency dpa reported. The note — which called on the addressees to get in touch, but didn't name any sum — was addressed to the Heinrich Heine University, to which the Duesseldorf hospital is affiliated, and not to the hospital itself.
Duesseldorf police then established contact and told the perpetrators that the hospital, and not the university, had been affected, endangering patients. The perpetrators then withdrew the extortion attempt and provided a digital key to decrypt the data. The perpetrators are no longer reachable, according to the justice minister's report.
Prosecutors launched an investigation against the unknown perpetrators on suspicion of negligent manslaughter because a patient in a life-threatening condition who was supposed to be taken to the hospital last Friday night was sent instead to a hospital in Wuppertal, a roughly 32-kilometer (20-mile) drive. Doctors weren't able to start treating her for an hour and she died.
Given the mounting pace of ransomware attacks that have crippled everything from major cities to school districts, the death was no surprise to Brett Callow of Emsisoft, a cybersecurity firm that closely tracks ransomware.
“This was pretty much inevitable,” he said.
In the U.S. alone, 764 healthcare providers were victimized last year by ransomware, according to data compiled by Emsisoft. It was not the first time an emergency patient had to be rerouted to a different hospital as a result.