The attack caused the failure of IT systems at Duesseldorf’s University Hospital two weeks ago. A woman who needed urgent admission died after she had to be taken to another city for treatment.
WDR quoted investigators as saying that the attack “may have been part of a worldwide, commercial malware campaign.” Authorities previously said the attackers exploited a weak spot in “widely used commercial add-on software,” which they didn’t identify.
The attackers appeared to have intended to target the Heinrich Heine University, to which the Duesseldorf hospital is affiliated, and not the hospital itself. When Duesseldorf police established contact and said the hospital, and not the university, had been affected, endangering patients, the perpetrators withdrew their extortion attempt and provided a digital key to decrypt the data.