For the first time in the history of ransomware, a patient death has been directly linked to a file encrypting malware attack. According to sources, a woman suffering with a life threatening condition was diverted to a remote hospital because of a ransomware attack caused by a Citrix add-on software vulnerability, eventually causing death of the patient because of delay in treatment.
The hospital in discussion is the Düsseldorf University Hospital, Germany and the law enforcement is investigating the incident as a certain section of the media is linking the incident to the suspected manslaughter that was reported by Associated Press related news source NTV on Wednesday.
According to the sources reporting to Cybersecurity Insiders, the incident was unexpected as the hospital had no other choice rather than to send the patient some 20 miles away from where she was supposed to seek the treatment-due to the fact that the digital services were all compromised with malware.
Some unconfirmed reports say that the file encrypting malware struck the database in the early hours of Thursday and around 30 servers pertaining to Heinrich Heine University, to which Düsseldorf Hospital was connected, were severely impacted.
As soon as the law enforcement learned about the incident, they immediately contacted the hackers spreading the ransomware and informed them that their malware was impacting emergency services of a hospital and not the data related to the university.
Surprisingly, the hackers withdrew the ransom demand and reportedly provided the decryption key to unlock the servers, said a spokesperson from the office of Justice Minister for North Rhine- Westphalia State. But all this activity consumed time, resulting in the death of an innocent women patient.
More details are awaited!