A woman has died in Germany after a cyber attack at the Düsseldorf University Clinic (DUC) caused
her to be turned away for emergency medical treatment at the hospital earlier in September.
The ransomware attack caused the hospital’s systems to go down and so patients were rerouted to alternative healthcare settings.
A police investigation was launched following the woman’s death, which occurred after she was
forced to travel for an hour to a hospital 20 miles away in Wuppertal.
But the attack may have been misdirected, reports have suggested. According to Infosecurity
Magazine, a ransom note was left on one of the hospital’s servers addressed to Heinrich Heine
University, with which the DUC is affiliated. After Düsseldorf police contacted the attackers and
informed them of the impact on the hospital, a digital decryption key was supplied and no money
extorted. But no further communication was then possible.
Experts are understood to have been drafted in by detectives in order to determine whether
there is a link between the attack and the death.
In a statement reported by the BBC the President of Germany’s national cyber-security authority,
Arne Schönbohm, said the hackers exploited a previously publicised VPN vulnerability:
“We warned of the vulnerability as early as January and pointed out the consequences of its
exploitation. Attackers gain access to the internal networks and systems and can still paralyse them
“I can only stress that such warnings should not be ignored or postponed, but need appropriate measures immediately. The incident shows once again how seriously this risk must be taken.”
The post Cyber attack linked to death of woman at hacked German hospital appeared first on PrivSec Report.