+

Cookies on the Business Insider India website

Business Insider India has updated its Privacy and Cookie policy. We use cookies to ensure that we give you the better experience on our website. If you continue without changing your settings, we\'ll assume that you are happy to receive all cookies on the Business Insider India website. However, you can change your cookie setting at any time by clicking on our Cookie Policy at any time. You can also see our Privacy Policy.

Close
HomeQuizzoneWhatsappShare Flash Reads
 

A cyberattack that hit a German hospital may have led to a woman's death

Sep 18, 2020, 16:23 IST
Business Insider
The Universitätsklinikum Düsseldorf was hit by a cyberattack.Lukas Schulze/Getty Images
  • A hospital in Düsseldorf was hit by a ransomware attack on Thursday last week.
  • The attack meant the hospital was unable to accept emergency patients, so a woman in need of urgent care had to be taken to a hospital 20 miles away and subsequently died.
  • The state prosecutor is currently investigating the cause of death to determine whether a charge of negligent manslaughter will be brought against the hacker or hackers.
Advertisement

A hospital in Düsseldorf was hit by a ransomware attack on Thursday last week, and a woman died as the hospital struggled to come back online.

According to a report from the state of North Rhine-Westphalia's justice minister, the attack encrypted 30 servers at the hospital, making them inaccessible.

German news media and the Associated Press report that while the Universitätsklinikum Düsseldorf IT systems were paralyzed it was unable to accept emergency patients, meaning a woman brought in on Friday night and in need of urgent admission died after she had to be taken to a hospital in neighboring Wuppertal, 20 miles away.

A ransomware attack is a kind of cyberattack where the attackers steal an organization's data or cripple its IT systems, demanding a ransom in return for restoring the data or systems.

Per local reports, the attacker seems to have targeted the hospital by mistake. The ransom note accompanying the attack was addressed to the Heinrich Heine University, to which the hospital is attached.

Advertisement

The police reportedly managed to make contact with the hacker and inform them they had hit the hospital, not the university. The hacker then withdrew the attack and provided a key to decrypt the data they had stolen.

Local news site the Rheinische Post reported the state prosecutor is conducting an investigation into the cause of death to determine whether a charge of negligent manslaughter will be brought.

The hospital said in a statement on Thursday that the weakness exploited by the hacker had been in some widely-used add-on software, although it did not name the software. Germany's cybersecurity ministry also issued a statement about the attack on Thursday, saying that back in January it had warned of a vulnerability in VPN software provided by Citrix Systems.

This is not the first time a hospital has been hit by a ransomware attack — in 2017 the WannaCry ransomware virus was used to target hospitals in more than 150 countries — but it does appear to be the first reported case of a cyberattack potentially being directly responsible for a person's death.

You are subscribed to notifications!
Looks like you've blocked notifications!
Next Article