German authorities said that a ransomware attack on the IT systems of a Düsseldorf hospital may have led to the death of a patient.

With systems down, patient data inaccessible, and operations postponed, she had to be sent to a different hospital an additional 32 kilometers (20 miles) away, delaying potentially life-saving treatment.

A matter of time

– Wiegels

It is believed that the hackers had planned to attack Heinrich Heine University, but accidentally brought down the systems of the affiliated Düsseldorf University Clinic. The attack encrypted 30 servers at the hospital, with one including a ransomware note - addressed to the university.

When Düsseldorf police told the hackers that they were attacking a hospital, they withdrew the extortion attempt and provided a digital key to decrypt the data. They are no longer reachable.

Prosecutors have launched an investigation against the hackers on suspicion of negligent manslaughter. Should an investigation conclusively show that the woman would have been likely to survive had the hospital not been under attack, the case may be treated as a homicide. Hundreds of other patient visits and appointments were delayed or routed elsewhere.

Cybersecurity professionals have long warned that hospitals are at risk of cyberattack, and that - with more and more medical equipment connected to the Internet - such hacks can grind healthcare facilities to a halt.

Back in 2017, the WannaCry attack brought down most of the UK's National Health Service, disrupting countless procedures. Numerous hospitals around the world have been hit by ransomware attacks.

Even after an attack, there can be lasting damage. Last year, a study published in Health Services Research found that in the three years following a hospital data breach patients with heart attacks were likely to be treated slower, and at greater risk of death. This is because breach remediation efforts took primacy, and other aspects of hospital quality suffered as a result.