
Cyber Incident Victim: Klinik am Kurpark

Date: Aug 2024

Location: Germany

Summary

A cyberattack targeted a German medical clinic, disrupting its central IT systems and likely compromising personal data of patients, employees, and business partners. The attackers encrypted organizational data after exfiltrating information from servers. The clinic isolated affected systems, engaged law enforcement and data protection authorities, and deployed external cybersecurity experts for forensic analysis and recovery. While core operations and patient admissions continued using analog processes due to IT outages, the facility maintained communication transparency and established dedicated contact channels for impacted individuals. The organization committed to notifying parties if stolen data appears online.

Description

On August 27, 2024, the Klinik am Kurpark in Reinhardshausen, Germany, suffered a cyberattack that disrupted its central IT systems. Criminal actors infiltrated the clinic’s electronic data processing infrastructure overnight, triggering operational failures. The attackers compromised server systems before encrypting data and, with high probability, exfiltrated personally identifiable information belonging to patients, employees, and business partners. Clinic management, led by CEO Georg Schuster, immediately isolated and secured affected systems to contain the incident. Authorities including the Hessian State Criminal Police Office, public prosecutors, and data protection regulators were notified. External IT security specialists in forensics, incident response, and data protection were engaged to investigate the breach and restore operations. The clinic acknowledged the attackers’ unauthorized access to sensitive data but emphasized no evidence yet of public data leaks.

Despite the IT disruption, the clinic maintained most patient care operations, including new admissions, using analog processes after its digital patient application became unavailable. The facility, which employs 170 staff and operates 228 patient beds, prioritized transparent communication, establishing a dedicated contact line (05621-702-144) and email address ([email protected]) for affected individuals. Management committed to notifying parties separately if compromised data surfaces online. Recovery efforts focused on reactivating systems while preserving evidence for law enforcement investigations. The clinic expressed regret for the inconvenience but did not disclose technical specifics of the attack vector, data volumes impacted, or ransom demands. Operational continuity measures remained in effect as of September 4, 2024, with no projected restoration timeline provided.
