Home News Woman Died After a Ransomware Attack Encrypted Hospital Services

Woman Died After a Ransomware Attack Encrypted Hospital Services

The ransomware attack was actually intended against Heinrich Heine University!

September 18, 2020

As per reports from German media and BleepingComputer, a woman has died after being denied treatment by a hospital because of a ransomware attack. The hospital has reportedly sent the patient who was in a life-threatening state to another hospital an hour away, which delayed the emergency treatment needed to save her.

A Ransomware Attack Causing Indirect Death!

As per RTL and BleepingComputer, a German hospital named University Hospital Düsseldorf (UKD) was mistakenly attacked by an unknown ransomware group, which caused the death of a woman indirectly.

The German hospital was attacked by ransomware on September 10th, which compromised their network and eventually led to encryption of systems.

The Düsseldorf hospital then announced that it was not able to serve the outpatients and emergency services. This led a woman in a life-threatening stage to deny treatment since they cannot admit and redirected her to a distant hospital 20 miles away in Wuppertal. But, doctors there were unable to treat her because of the late arrival, resulting in her death.

Regarding ransomware, a German cybersecurity firm Bundesamt für Sicherheit in der Informationstechnik (BSI) said the attackers have exploited a vulnerability in Citrix VPN software. Tracked as CVE-2019-19781, this vulnerability was spotted in January this year and a patch was also made available in the same month. Yet, the hospital’s IT staff failed to patch it.

Prosecutors are now investigating the incident to check whether it’s negligent manslaughter. Later, German police have contacted the ransomware operators through the ransom note left, which actually intended against Heinrich Heine University!

This mistake was reported to the ransomware group, who also confirmed the attack was intended to University rather than the hospital.

The ransomware group had given the hospital decryption key and stopped responding since. The University Hospital Düsseldorf is now slowly bringing back up all the systems to retrieve the medical services.