The Catholic Hospital Association of East Westphalia, is a network of six hospitals: the Franziskus Hospital Bielefeld, the Sankt Elisabeth Hospital Gütersloh, the Sankt Lucia Hospital in Harsewinkel, the Marienhospital Oelde, the Mathilden Hospital Herford and the Sankt Vinzenz Hospital Rheda-Wiedenbrück. As seen on the health system’s website at KHO.de:
IT system failure after cyber attack
In the early morning hours of December 24th, 2023, the entire IT system of the hospitals Franziskus Hospital Bielefeld, Sankt Vinzenz Hospital Rheda-Wiedenbrück and Mathilden Hospital Herford failed. Patient-relevant information can be found on the respective homepages.
Unknown persons gained access to the hospitals’ IT infrastructure systems and specifically encrypted data. An initial check showed that it was probably a cyber attack by Lockbit 3.0, the timeline for which is currently not foreseeable. For security reasons, as soon as it became known, all systems were shut down that night and all necessary people and institutions were informed. No information can be given at this time about the extent of the damage or any claims or conditions. “We set up a crisis team that night and began analyzing the situation. Access to all systems was immediately blocked. Thanks to our security systems, patient data is still available for patient treatment,” says Dr. Jan Schlenker, Managing Director of KHO gGmbH. The responsible authorities have been informed and the internal and external IT security specialists are working hard to clarify the matter and secure all data. “Our security work is in full swing. Patient care is still guaranteed and the clinic continues to operate with slight technical restrictions, but we have withdrawn from emergency care for safety reasons,” said deputy managing director Philipp Herzog.
As noted above. LockBit3.0 is suspected of being responsible for the attack, but as of publication, there is no claim on the threat actors’ leak site.