A ransomware attack on a hospital in Germany may have accidentally resulted in the death of a patient in what could be the first of its kind.
The computer systems of the Düsseldorf University Hospital were so badly disrupted last week in the attack that they could not accept emergency patients or perform operations. The deceased patient needed urgent treatment, but was rerouted to another medical facility about 30 km away because the hospital could not allow such cases.
In a tweet posted on Thursday, September 17, officials at the medical facility said hackers found a vulnerability in widely used commercial software but failed to identify it.
According to the German news agency RTL, 30 servers at the Düsseldorf University Hospital were encrypted by the hackers.
However, it appears that the perpetrators mixed up their target, as a ransom note found on one of the hospital's servers was addressed to the nearby Heinrich Heine University, with which the hospital has connections.
When investigators discovered the note, they reached out to the hackers to tell them that their actions were endangering the lives of the patients. The hackers responded by providing the decryption key, but it was too late for the woman who was unable to receive emergency treatment at the earliest possible time.
The incident is still being investigated. However, if a clear link is made between the cyberattack and the death of the woman, manslaughter can be brought against those charged in connection with the crime.
Ransomware, which can be delivered to a computer system in a number of ways, encrypts files to prevent access. Hackers demand payment for a decryption key.
From tech companies and finance companies to shipping companies to hospitals and universities, ransomware attacks increase as hackers look for quick ways to get money from their victims. With proper backups, many of those who fall victim to ransomware attacks can restore their systems, although it can be a tedious process. However, without proper action, victims have a terrible choice of losing their data or handing over a large chunk of money to regain access.