Kommunität Diakonissenhaus Riehen

Kommunität Diakonissenhaus Riehen operates as a religious community integrated with healthcare services within Switzerland. Its core functions encompass spiritual activities associated with a Diakonissenhaus, traditionally a deaconess institution, alongside providing healthcare facility operations. The nature of its work involves pastoral care and likely residential or community support services tied to its religious mission. The organisation serves its local community in Riehen, Switzerland, focusing on the needs within its specific geographic and spiritual context. Its operational scope includes managing events, internal administrative processes, and facility logistics like cafeteria services.

The organisation faced a significant cybersecurity incident on September 4, 2022, when it was targeted by the LockBit ransomware group. This attack severely disrupted its IT infrastructure, resulting in the loss of access to critical systems including servers, files, printers, and applications. Attackers issued a ransom demand alongside encrypting systems. In response, the institution disconnected affected components to contain the breach and initiated offline scans to identify malware. Credential resets were performed as a security measure, and services were subsequently restored without reported ongoing IT disruptions following remediation efforts.

Following the attack, the LockBit group leaked approximately 17 gigabytes of data allegedly stolen from the Diakonissenhaus. This leaked information primarily consisted of operational documents such as event plans, meeting protocols, and cafeteria orders. Initial reviews conducted by the organisation indicated that sensitive employee information and pastoral care data were not exposed in this leak. However, the institution explicitly confirmed that data theft did occur during the breach, though the specific nature and full extent of the compromised sensitive information remained undetermined during their internal investigation. Authorities were notified about the incident, and a criminal complaint was filed by the organisation. This event underscored LockBit's known tactic of exploiting vulnerabilities in entities regardless of their sector, including non-traditional targets like religious and healthcare communities.