Katholische Hospitalvereinigung Ostwestfalen (KHO), a German hospital network, has confirmed that a cyberattack launched by the Lockbit ransomware group is the cause of recent service disruptions at three hospitals in its network.
The attack occurred in the early morning of December 24, 2023, and it drastically impacted the systems that supports the operations of three hospitals in Bielefeld, Rheda-Wiedenbrück, and Herford, Germany.
Details About the Attack
KHO announced the attack on their website, reading:
A first test showed that it is probably a cyberattack by Lockbit 3.0, the resolution time of which is currently unforeseeable. For security reasons, all systems were shut down immediately upon discovery, and all necessary parties and institutions were informed.
KHO Announcement (Source)
During the attack, the threat actors encrypted data, although at this moment investigations are underway and the extent of the damage cannot be determined yet.
The following hospitals operated by KHO have been impacted by the cyberattack:
- Franziskus Hospital Bielefeld – 614 beds, ten specialist departments, 390 doctors and staff;
- Sankt Vinzenz Hospital Rheda-Wiedenbrück – 614 beds, five specialist departments, 200 doctors and staff;
- Mathilden Hospital Herford – 614 beds, eight specialist departments, 230 doctors and staff.
A cyberattack that affects the IT systems of the aforementioned hospitals could have catastrophic effects on patients experiencing medical emergencies because these hospitals are essential to the provision of healthcare services in their respective communities.
According to KHO’s release, patient care in the affected hospitals carries on as usual, and all clinic operations are still accessible despite minor technological setbacks. The successful restoration of backups preserves access to crucial patient data.
The emergency care unit however is unavailable in all three targeted KHO hospitals, so people needing urgent medical care are diverted towards other hospitals, possibly resulting in critical delays.
If you liked this article, follow us on LinkedIn, Twitter, Facebook, and Youtube for more cybersecurity news and topics.