Many weeks ago, there was a hacker attack on the MVZ Herz-Lungen-Praxis Hamburg-Bergedorf, a subsidiary that manages the practice information system of the LungenClinic Grosshansdorf. The attack initially resulted in the loss of 12.000 patient records, which have not yet been fully recovered.
After a long period of silence by the companies, it is now clear that unknown perpetrators encrypted the practice information system with ransomware over the turn of the year. As a result, the MVZ Herz-Lungen-Praxis Hamburg-Bergedorf was no longer able to access the approximately 12.000 patient master and health records. It is also unclear whether all data was leaked as a result of the IT security incident. LungenClinic Grosshansdorf was also affected by the encryption. Patients have apparently already been informed accordingly.
BSI informs – data recovery is underway
The incident was also reported to the Federal Office for Information Security (BSI) and the Hamburg Commissioner for Data Protection and Freedom of Information. The criminal investigation department and two external companies worked diligently to recover the encrypted data. According to initial information, this was achieved step by step. Currently, work is still underway to restore some of the data. The IT systems have also been overhauled and, according to the company, are more secure than before.
Somewhat surprising: According to the company, no ransom demands have been received to date. No data for sale has been found on known leak portals, either. Other information portals on current attacks also have no further information. But one thing should be clear: the practice and the clinic will soon face a hefty bill from the experts.
