Cyber incidents affect hospitals in Germany, Croatia and the USA
After a cyberattack on a children's hospital in the USA, patients are informed about a data leak. There are further incidents in Hausham and Zagreb.
After a cyberattack on a children's hospital earlier this year, the hospital informs about a data leak.
(Image: Tupungato/Shutterstock.com)
After cyber criminals gained access to the Ann & Robert H. Lurie Children's Hospital of Chicago in January 2024, the hospital has now informed its patients and their parents about the data leak. Patient and employee data was leaked. This includes names, addresses, dates of birth, social security numbers and medical information. However, data from the central electronic patient record system was spared, the clinic assures.
Other electronic services such as e-mail, telephone and the electronic patient file were also paralyzed. The clinic had to continue working in emergency mode. Patient care was not affected at any time. "We deeply regret that this cyberattack has occurred", it said in a statement.
Hundreds of thousands of children's records
In the course of the attack, an entry appeared on the leak site of the relatively young ransomware group Rhysida. According to Becker's Health IT, almost all patient data is affected. In February, criminals demanded 60 Bitcoin for the health data of around 800,000 children, or around 3.5 million euros at the current exchange rate. According to its own information, the hospital did not pay a ransom, which is not advisable anyway.
Those affected will be notified by letter. "We deeply regret that this cyberattack has taken place," the hospital apologizes.
The hospital has set up a free hotline for questions about the incident. Those affected will be informed by post and will receive free access to a system designed to prevent identity theft for two years. The hospital also intends to strengthen its security measures. Cybersecurity experts and law enforcement agencies are continuing to investigate the IT security incident.
DDoS on largest hospital in Croatia
Around a week ago, there was a cyberattack on the University Hospital in Zagreb (KBC Zagreb). This was reported by the Croatian daily newspaper 24sata. As a result of the attack, the hospital shut down its IT system, but brought it back up again on Friday morning. Until then, the hospital's processes were slower than usual, some patients had to be transferred, and medical reports had to be written by hand.
Hospital information, laboratory and radiology systems were back in operation and patient data had not been lost, according to KBC Zagreb 24sata. The pro-Russian group "NoName057" claims to be behind the attack. It is unclear whether the attack is connected to a series of other DDoS attacks on the websites of Croatian government and financial institutions.
Agatharied hospital
Following a cyberattack on Agatharied Hospital, communication is impaired, and the hospital can only be reached by telephone. A large part of the IT systems were disconnected from the network. As a result, staff had to fall back on analog procedures, such as "old cassette dictation machines", as reported by the daily newspaper Merkur. In addition, 150 terabytes of data had to be restored. Shortly beforehand, the clinic had been certified as having a good security concept. The additional effort involved in typing instead of voice recognition functions is clearly noticeable. According to Merkur, the Bavarian State Office of Criminal Investigation and the cybercrime department in Rosenheim are currently investigating.
(mack)
