Düsseldorf University Hospital Emergency Care Postponed After Alleged Cyber Attack

Düsseldorf University Hospital (UKD) has suffered a massive network failure that forced the healthcare facility to deregister from emergency care and postpone outpatient treatments, hospital officials disclosed last Thursday.

“There is currently an extensive IT failure at the University Hospital Düsseldorf (UKD),” the announcement reads. “This means, among other things, that the clinic can only be reached to a limited extent – both by telephone and by email. Planned and outpatient treatments will also not take place and will be postponed. Patients are therefore asked not to visit the UKD – even if an appointment has been made.”

On September 11, hospital officials said that a possible cyberattack on the facility is under investigation by local law enforcement and an external cybersecurity forensics team.

According to a press release, the failure of IT systems occurred gradually, and certain hospital operations that required computer access were no longer possible.

“In addition, the clinic cannot be reached by e-mail,” hospital officials said. “Except for a few extensions, the telephone system is already back in operation. The care of patients who are already being treated as inpatients at the UKD is still guaranteed.”

Additional updates were provided on September 14, when UKD announced a minor success in restoring some of its systems. “However, it is not yet possible to predict how much time this will take, because there are serious errors in several parts of the IT structure,” the notice reads.

As such, UKD continues to be deregistered as an emergency care unit, and patients with any treatment appointments are asked to contact outpatient services for additional information.

“There is no evidence that data has been permanently destroyed so that it will be available again for work on the UKD,” UKD added. “Although the extent of the system errors has now been analyzed, external specialist companies and the police are still working on investigating the cause.

Authorities are trying to determine whether criminal acts could be the reason for the failure. The Cybercrime Central and Contact Point (ZACNRW) at the Cologne Public Prosecutor’s Office will continue to provide information on these investigations and the search for the origin of the malfunction.”

Even if the UKD has not been able to locate the source and extent of their network failure, the six-day “lockdown” of their IT systems suggests a targeted cyberattack.

Cybercriminals have actively targeted healthcare institutions in the past year. Although these cyberattacks are directed towards hospital IT systems and networks, the aftermath can have severe consequences for patients in need of medical care.