The IT failure at the Düsseldorf University Clinic was actually a hacker attack. Meanwhile, a death is being investigated.
DÜSSELDORF dpa | According to the state government, the IT failure at the Düsseldorf University Hospital is due to a hacker attack with blackmail. Science Minister Isabel Pfeiffer-Poensgen (independent) said in the state parliament on Thursday that the perpetrators had withdrawn the extortion after contacting the police. The public prosecutor’s office is now also investigating negligent homicide because a patient had to be diverted to a Wuppertal hospital – and died.
According to a report by the Justice Minister, 30 servers in the clinic were encrypted last week. A blackmail letter was left on a server, but it was addressed to the Heinrich Heine University in Düsseldorf. In the letter, the blackmailers asked to be contacted – according to the report, they did not name a specific amount.
The Düsseldorf police then actually made contact and informed the perpetrators that their hacker attack affected a hospital – and not the university. This puts patients at considerable risk. The perpetrators then withdrew the extortion and handed over a digital key with which the data can be decrypted again.
According to the report, the investigators therefore suspect that the university hospital was affected by chance. In the meantime, the perpetrators are no longer available.
No stolen data
The unknown is now also being investigated for negligent homicide, as a life-threatening patient who was supposed to be brought to the university clinic on the night of September 11th to 12th was referred to a hospital in Wuppertal. Your treatment could only take place one hour late. She died a short time later, the Justice Minister said in his report.
According to current knowledge, no data was stolen or irretrievably deleted during the hacker attack. The clinic announced that studies by IT experts had shown that.
The hackers exploited a vulnerability in an application. “The security gap was in a customary and worldwide commercial add-on software. Until the software company finally closed this gap, there was a sufficient time window to penetrate the systems, ”said the clinic. The attackers would have ensured that gradually systems failed and access to stored data was no longer possible.
The University Hospital Düsseldorf now expects that it will take some time before patients can be treated normally again. “Due to the size of the IT system and the abundance of data, we cannot yet estimate when this process will be completed,” said the commercial director, Ekkehard Zimmer, on Thursday. “However, we are confident that we will be able to better estimate the time span in the next few days and then be there for our patients again step by step.”
Last Thursday, the IT system at the university hospital failed. Ambulances no longer drove to the large facility in the North Rhine-Westphalian state capital, operations were postponed and planned treatment appointments were canceled.