Cybercriminals Steal Thousands of Patient Records from UKE and UKSH in Extortion Scheme
Hamburg, May 24 – Cybercriminals have accessed tens of thousands of patient records in Germany, with the Universitätsklinikum Hamburg-Eppendorf (UKE) in Hamburg and the UKSH in Kiel among the affected institutions. The cyberattack targeted an external service provider responsible for billing private and self-paying services. While no data was stolen directly from the hospitals’ servers, the breach has exposed highly sensitive information.
Over 5,000 UKE Patients Affected, Including Diagnoses
At UKE alone, more than 5,000 patients have been impacted by the cyberattack. Their names and addresses were stolen. More critically, in nearly 1,500 cases, content from patient files, including diagnoses and other detailed health information, was also compromised. This level of detail raises significant concerns about patient privacy and data security.
Extortion Suspected as Motive Behind Cyberattack
An insider speaking to NDR revealed that the incident fits a common business model for cybercriminals: data for money. It is strongly suspected that the perpetrators demanded a ransom for the stolen data. Experts believe the stolen data is unlikely to be published, which suggests that the demanded payment was likely made and that the cybercriminals subsequently deleted the data, in line with their business model.
UKSH Reports 9,000 Patient Records Stolen; Hospitals Across Germany Affected
The UKSH in Kiel has stated on its website that approximately 9,000 records belonging to its patients, including names and addresses, were stolen. The hospital has committed to informing all affected patients in writing. The external service provider indicated that the cyberattack occurred in mid-April, expressing regret and emphasizing the seriousness of the incident.
The UKE has also confirmed that almost all university hospitals and major hospitals across Germany have been affected by this widespread cyberattack, highlighting a significant vulnerability within the healthcare sector’s external service providers.
Investigation Underway and Patient Notification Efforts
Both UKE and UKSH are actively engaged in addressing the aftermath of the cyberattack. While the data was not stolen directly from their internal servers, the reliance on external providers for critical services like billing has exposed a systemic risk. The focus now is on mitigating the damage, enhancing security measures, and ensuring transparent communication with affected patients.
The incident underscores the growing threat of cybercrime to healthcare institutions and the critical need for robust data protection strategies across the entire network of service providers. To prevent future occurrences, authorities are likely to be investigating the extent of the breach and the methods used by the cybercriminals.