Cyber Incident Victim: Hochschule Ruhr West
Date: Jan 2023
Location: Germany
Summary
Hochschule Ruhr West experienced a cyberattack prompting complete disconnection of its IT systems to contain the incident, resulting in widespread service unavailability across most institutional platforms. IT teams are prioritizing system restoration while maintaining strict prohibitions against using institutional workstations or personal devices for university-related activities, with operational updates disseminated through a dedicated offline communication channel managed by an active crisis response team.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 3 motives | 6 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On January 31, 2023, Hochschule Ruhr West (HRW) experienced a significant disruption to its IT infrastructure following an external cyber attack. The institution proactively disconnected all systems from the internet as a containment measure, rendering most university services unavailable. HRW established a dedicated offline website ("HRW-offline") as its primary communication channel, emphasizing its role as the central, reliable information source for all university members during the incident. Initial updates confirmed the cyber attack's occurrence and outlined immediate operational restrictions, including a strict prohibition against powering on or using official work computers. The IT department began working intensively to restore systems but provided no specific timeline for full recovery.

The crisis management team activated promptly to coordinate response efforts, with plans to deliver phased updates to different stakeholder groups through the HRW-offline platform. As of February 3, 2023, the university reiterated that work devices remained prohibited from use and explicitly banned the utilization of personal computers for official tasks. HRW scheduled its next formal update for the following Monday, indicating an ongoing assessment process. No technical details regarding the attack vector, attacker identity, or data compromise were disclosed in the available communication. Service restoration efforts continued without public specification of affected systems beyond the broad impact on "most services." The institution maintained its focus on containment through network isolation and enforcing device usage restrictions throughout the initial response phase.
