Cyber Incident Victim: Germany
Date:
Jul 2024
Location:
Germany
Summary
A cyberattack targeted the Frankfurt University of Applied Sciences, compromising parts of its IT infrastructure and prompting immediate security measures including the shutdown of external system access and critical services. The incident disrupted online enrollment, website functionality, and elevator operations, while internal communications shifted to maintenance pages and social media platforms. Despite these disruptions, in-person classes continued unaffected. Authorities were notified, though restoration timelines remain unclear. This attack follows similar incidents affecting other regional academic and medical institutions in recent months, highlighting recurring cybersecurity challenges in the sector.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 2 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On July 6, 2024, at 20:00 local time, unidentified attackers breached portions of the IT infrastructure at Frankfurt University of Applied Sciences (UAS), prompting an immediate institutional response. The university administration confirmed the incident as a "serious hacker attack" in an official statement released on Monday, July 8, acknowledging that criminals had circumvented existing high-security measures to gain unauthorized access. As a containment measure, UAS disabled external access to all IT systems and powered down multiple services, including the institution's primary website and online enrollment portals. Physical security protocols were concurrently activated, resulting in the deliberate deactivation of elevator systems across campus buildings as a precautionary measure. The Hessenschau news outlet reported these initial developments as police and relevant authorities were notified of the intrusion. University operations transitioned to emergency protocols, with academic activities continuing through in-person instruction unaffected by the digital shutdown.
The cyberattack caused significant operational disruptions, rendering UAS unreachable through standard communication channels and forcing the institution to rely on alternative platforms for incident updates. Administrators disseminated information through a maintenance status page, LinkedIn, Facebook, and internal campus network notifications to maintain contact with students and staff. Critical services including digital enrollment systems remained offline indefinitely, with no restoration timeline provided by university officials. The deliberate shutdown of elevator systems introduced additional physical accessibility challenges across campus facilities. This incident follows a pattern of attacks targeting German academic institutions, including a May 2024 breach at the Wiesbaden Police University involving sensitive data theft, a prior email address leak at Mainz University Medical Center, and an October 2023 ransomware attack on Frankfurt University Hospital that disrupted billing systems. UAS continues to operate under restricted digital conditions while forensic investigations proceed.