The death came after the patient was transferred to a nearby hospital after Düsseldorf University Hospital was attacked with ransomware.
German authorities are investigating the death of a patient in a ransomware attack on a hospital in Düsseldorf, according to ZDNet.
The patient, identified only as a woman in need of urgent medical attention, died after being transferred to a hospital in the city of Wuppertal, more than 30 km from her original intended destination, Düsseldorf University Hospital.
The Düsseldorf hospital was unable to accept her as she was in the process of fighting a ransomware attack on September 10, last week, that hit her network and infected more than 30 internal servers.
The incident was the first recorded human death in history indirectly caused by a ransomware attack.
The patient’s death is currently under investigation by German authorities. If it turns out that the ransomware attack and the hospital downtime were the direct cause of the woman’s death, German police have said they plan to turn their investigation into a murder case.
According to the German news agency RTL, the extortionist gang withdrew their ransom demand after they were approached by the German police. The hospital has since received the transcript and is rebuilding its systems.
In a tweet yesterday, hospital officials blamed ransomware on a vulnerability in widely used commercial software.
In a subsequent tweet, the same officials said they had notified German authorities, such as the German cybersecurity agency BSI, who are responsible for issuing the relevant security alerts.
A day earlier, BSI issued a surprise alert asking German companies to update their Citrix network gateways to address CVE-2019-19871, a known ransomware entry point.
The Associated Press also reported yesterday that the entire attack on the hospital’s network appears to have been a failed attempt to threaten a local university (Düsseldorf’s Heinrich Heine University), and the hospital was only part of a larger network.