Cyber Incident Victim: LUP-Kliniken

On February 10, 2025, the LUP-Kliniken hospital network in Ludwigslust-Parchim district, Germany, experienced a cyberattack disrupting operations at its Hagenow and Ludwigslust facilities. The intrusion was detected overnight, prompting immediate isolation of both sites from their communication networks as a precautionary containment measure. This isolation rendered email systems and public-facing websites inaccessible, severing digital communication channels with external parties. Despite these disruptions, hospital authorities confirmed core medical services remained operational, with emergency departments continuing to accept critical cases under standard protocols. Non-life-threatening cases were redirected following standard emergency department closure procedures, ensuring continuity of urgent care while mitigating risks from compromised IT infrastructure.

Landeskriminalamt (State Criminal Police Office) investigators initiated a formal inquiry into potential violations of computer sabotage and data espionage laws following the attack. Digital forensics specialists were deployed to both clinical sites to secure and analyze electronic evidence, though authorities released no specifics regarding attack vectors, perpetrator identities, or data compromise scope. Technical recovery efforts commenced concurrently with the criminal investigation, focusing on restoring secure network functionality. This incident marked the fourth reported case of computer sabotage in Mecklenburg-Vorpommern within the first six weeks of 2025, reflecting a regional pattern of escalating cyber threats against critical infrastructure. Hospital administrators and law enforcement provided no additional operational details or projected restoration timelines beyond confirming the containment and remediation processes were actively underway.