Lockbit gang hits German hosptials' emergency care

The Katholische Hospitalvereinigung Ostwestfalen (KHO) in Germany has confirmed that a Lockbit ransomware attack on December 24, 2023, was responsible for significant service disruptions at three of its hospitals in Bielefeld, Rheda-Wiedenbrück, and Herford. The attack severely compromised the hospitals' IT infrastructure, leading to the encryption of data. Upon discovery, all systems were immediately shut down for security reasons, and law enforcement, regulators and stakeholders were informed.

The hospitals affected by the cyberattack include Franziskus Hospital Bielefeld, Sankt Vinzenz Hospital Rheda-Wiedenbrück, and Mathilden Hospital Herford, all of which are crucial in providing healthcare services in their regions. These hospitals collectively house 1,842 beds and have several specialist departments and hundreds of doctors and staff.

While patient treatment continues with some technical limitations and essential patient information remains accessible through backups, the hospitals' emergency care services are currently unavailable. Patients in need of urgent medical care are being redirected, potentially leading to critical delays in emergency treatment.

Investigations into the extent of the damage and whether any data was stolen are ongoing. As of now, the Lockbit ransomware gang has not listed KHO on its extortion portal on the dark web, leaving the status of stolen patient data or other sensitive information uncertain.