Cyber Incident Victim: Evangelisches Krankenhaus Lippstadt

On March 30, 2021, the Evangelical Hospital in Lippstadt (EVK) experienced a disruptive cyberattack involving external malware that compromised its entire IT infrastructure. The attack was detected in the morning, prompting immediate system shutdowns to contain further damage. Critical patient documentation systems were rendered inoperable, forcing the hospital to implement a near-total admission freeze. Only severe emergency cases, active obstetrics patients, maternity ward admissions, and premature infant care remained operational. All elective surgeries and planned inpatient stays were canceled indefinitely, with affected patients instructed to reschedule via telephone through department secretariats starting the following day. Emergency patients with life-threatening conditions received initial stabilization in the EVK emergency room before being transferred to other facilities, while non-critical acute cases were redirected to Trinity Hospital or neighboring institutions. The hospital’s phone systems remained functional, but email communications were completely disabled throughout the incident.

Patient care for existing inpatients continued without interruption, and obstetric services for active deliveries or pregnancy complications were maintained. The hospital coordinated with regional emergency medical services and nearby healthcare facilities to manage patient diversions. EVK administrators filed criminal charges with local police and engaged both law enforcement and external cybersecurity specialists to investigate the attack and restore systems. Operational disruptions persisted indefinitely as recovery efforts continued, with no public attribution or confirmed motive for the attack provided in initial statements. The incident caused significant service limitations across all hospital departments except specified critical care units, demonstrating broad impacts on clinical operations and community healthcare access.