A man in Germany, who needed immediate care, ended up being forced to go to a more remote hospital due to a ransomware attack.
On September 10, the University Hospital of Düsseldorf (UKD) in Germany was attacked by ransomware as the attackers took advantage of the vulnerability Citrix ADC CVE-2019-19781 .
By shutting down their computer systems, the hospital announced that planned and external treatments as well as emergency care cannot be performed. Those seeking emergency care were forced to move to more distant hospitals.
The hospital contacted the police and according to German media, the police got in touch with the ransomware operators through the ransom instructions notes και τους ενημέρωσαν ότι ο στόχος ήταν ένα νοσοκομείο. Όπως φαίνεται από την σημείωση των λύτρων που υπήρχε στους κρυπτογραφημένους δίσκους του νοσοκομείου, το ransomware απευθυνόταν στο University Heinrich Heine, and not in the hospital itself.
The hospital resumed its systems once it received the key, and investigations concluded that the data was most likely not stolen.
But before all this was done, a patient who rushed to the Dusseldorf hospital and needed immediate treatment, was transferred to the most distant hospital, about 32 kilometers away, in Wuppertal, since the University Hospital Dusseldorf was unable to register emergency services.
This transfer delayed care for an hour, resulting in the patient losing his life. Following the death of the patient, the German prosecutor's office launched an investigation into whether this attack was responsible and whether there was homicide due to negligence.