Cyber ​​incidents have hit hospitals in Germany, Croatia and the US

After cybercriminals gained access to “Ann & Robert H. Lurie Children's Hospital of Chicago” in January 2024, the clinic is now informing its patients and their parents about the data breach. Patient and staff information leaked. This includes names, addresses, dates of birth, social security numbers and medical information. However, the data was stored from a central system of electronic patient record, the clinic assured.

Advertising

Other electronic services such as email, telephone and electronic medical records were also disrupted. The clinic had to continue to operate in emergency mode. Patient care is never compromised. “We deeply regret this cyber attack” says in a statement.

Hundreds of thousands of baby records

During the attack, an entry appeared on the leak site of Rhysida, a relatively young ransomware group. According to medium Becker's Health ID Nearly 800,000 patient data were affected. In February, criminals demanded 60 bitcoins for children's health data, roughly 3.5 million euros at current rates. According to its own information, the hospital did not pay any ransom, which is not recommended anyway.

The hospital has set up a toll-free hotline to answer questions about the incident. Victims are notified by mail and receive free access to a system designed to prevent identity theft for two years. Additionally, the hospital wants to strengthen its security measures. Cyber ​​security experts and law enforcement officials continue to investigate the IT security incident.

Hospital in Croatia

About a week ago the University Hospital in Zagreb (KBC Zagreb) was cyber-attacked. Croatian newspaper 24sata reported this. Due to the attack, the hospital shut down its IT system, but restarted it on Friday morning. Until then, the hospital's processes ran slower than usual, with some patients having to be transferred and medical reports having to be written by hand.

Hospital information, laboratory and radiology systems are back in operation and patient data has not been leaked, KBC Zagreb told 24sata. The pro-Russian group “NoName057” claims to be behind the attack. It is unclear whether the attack is related to other DDoS attacks on the websites of Croatian government and financial institutions.

Agathari Hospital

After the cyber attack on Agathari Hospital, communication was disrupted and the hospital could only be reached by phone. Most of the IT systems are disconnected from the network. As a result, staff had to resort to analog methods such as “old cassette dictation machines”, As reported by the Mercure newspaper. Additionally, 150 terabytes of data must be restored. Some time ago, the clinic was certified as having a good safety concept. The extra effort involved in typing instead of using voice recognition functions is clearly noticeable. According to Mercur, the Bavarian State Criminal Police Office and the Cybercrime Department in Rosenheim are currently investigating.

(Mac)