• Home
  • cyber
  • Düsseldorf University Clinic, Hollywood Presbyterian Medical Center and Universal Health Services: Ransomware Runs Rampant On Hospitals
cyber Ransomware

Düsseldorf University Clinic, Hollywood Presbyterian Medical Center and Universal Health Services: Ransomware Runs Rampant On Hospitals

Oct 2, 2020 2 min read
Düsseldorf University Clinic, Hollywood Presbyterian Medical Center and Universal Health Services: Ransomware Runs Rampant On Hospitals

First Fatality Linked to Ransomware Attack Highlights Growing Threat to Hospitals

On September 10, 2020, a ransomware attack on Düsseldorf University Clinic in Germany disrupted critical IT systems, forcing the hospital to divert emergency patients. A woman in need of urgent care was rerouted to another city for treatment delaying her admission by nearly an hour and later died. German authorities confirmed this as the first known death directly attributed to a ransomware attack.

The incident underscores the escalating risks of cyberattacks on healthcare. While cybercriminals typically target hospitals for financial gain rather than patient harm, the consequences can be severe. In 2016, the Locky ransomware disrupted operations at Hollywood Presbyterian Medical Center in Los Angeles, halting radiation and oncology services. More recently, Universal Health Services a U.S. hospital chain with 250 facilities canceled surgeries and rerouted ambulances after a ransomware attack, though no patients were harmed.

Ransomware attacks on healthcare providers have quadrupled over the past three years, despite repeated warnings from the FBI and cybersecurity experts. The financial toll is staggering: global damages from ransomware are projected to reach $20 billion by 2021, a 57-fold increase since 2015. Healthcare organizations, historically underinvested in cybersecurity, now face mounting pressure to bolster defenses. While other sectors like finance allocate around 15% of IT budgets to cybersecurity, hospitals have typically spent just 4–7%.

In response, the healthcare industry is expected to invest $125 billion in cybersecurity between 2021 and 2025, with C-suite executives increasingly recognizing ransomware as both a patient safety and reputational risk. The Düsseldorf incident serves as a grim reminder of the real-world stakes as cyber threats continue to disrupt critical care.

Source: https://cybersecurityventures.com/ransomware-runs-rampant-on-hospitals/

UHS cybersecurity rating report: https://www.rankiteo.com/company/uhs

CHA Hollywood Presbyterian Medical Center cybersecurity rating report: https://www.rankiteo.com/company/cha-hollywood-presbyterian-medical-center

Universitaetsklinikum Duesseldorf cybersecurity rating report: https://www.rankiteo.com/company/universitaetsklinikum-duesseldorf

"id": "UHSCHAUNI1774542502",
"linkid": "uhs, cha-hollywood-presbyterian-medical-center, universitaetsklinikum-duesseldorf",
"type": "Ransomware",
"date": "10/2020",
"severity": "100",
"impact": "7",
"explanation": "Attack that could injure or kill people"
{'affected_entities': [{'customers_affected': 'Emergency patients, including '
                                              'one fatality',
                        'industry': 'Healthcare',
                        'location': 'Düsseldorf, Germany',
                        'name': 'Düsseldorf University Clinic',
                        'type': 'Hospital'}],
 'data_breach': {'data_encryption': 'Yes'},
 'date_detected': '2020-09-10',
 'description': 'A ransomware attack on Düsseldorf University Clinic in '
                'Germany disrupted critical IT systems, forcing the hospital '
                'to divert emergency patients. A woman in need of urgent care '
                'was rerouted to another city for treatment, delaying her '
                'admission by nearly an hour, and later died. This is the '
                'first known death directly attributed to a ransomware attack.',
 'impact': {'brand_reputation_impact': 'Severe reputational risk',
            'operational_impact': 'Diverted emergency patients, delayed '
                                  'medical care',
            'systems_affected': 'Critical IT systems'},
 'lessons_learned': 'The incident highlights the escalating risks of '
                    'cyberattacks on healthcare, emphasizing the need for '
                    'increased cybersecurity investment to prevent patient '
                    'harm and operational disruptions.',
 'motivation': 'Financial gain',
 'post_incident_analysis': {'corrective_actions': 'Increased cybersecurity '
                                                  'spending, enhanced '
                                                  'monitoring, and improved '
                                                  'incident response protocols',
                            'root_causes': 'Underinvestment in cybersecurity, '
                                           'lack of robust incident response '
                                           'plans'},
 'ransomware': {'data_encryption': 'Yes'},
 'recommendations': 'Healthcare organizations should allocate a higher '
                    'percentage of IT budgets to cybersecurity (targeting 15% '
                    'or more) and recognize ransomware as both a patient '
                    'safety and reputational risk.',
 'references': [{'source': 'Cybersecurity news reports'}],
 'response': {'law_enforcement_notified': 'German authorities'},
 'title': 'First Fatality Linked to Ransomware Attack on Düsseldorf University '
          'Clinic',
 'type': 'Ransomware'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.