How 2 Ransomware Attacks on 2 Hospitals Led to 2 Deaths in Europe

Cybercrime is often seen as a threat to privacy or money, but recent years show it can cost lives too. Ransomware, once just a way for criminals to lock files for cash, now disrupts hospitals and treatment, turning data extortion into a real danger for patients who need urgent care. When hospitals can’t access vital systems, people can and do die, a harsh reality now witnessed in Europe not once but twice.

Death in the United Kingdom

In June 2024, as reported by Hackread.com, the UK’s National Health Service suffered one of its most serious cyber incidents. The Russian-speaking Qilin ransomware group broke into Synnovis, a company that handles pathology services for major London hospitals like King’s College and Guy’s & St Thomas’.

This attack crippled blood test services across the capital, delaying vital operations and treatments. According to an incident update from the College issued last week, one patient, who needed urgent care, died unexpectedly during this crisis. Investigators confirmed the ransomware attack was a factor. The Qilin gang didn’t care that their demand for money put human lives on the line, they published stolen files online as proof of their crime, using patient safety as leverage.

Death in Germany

Four years earlier, a similar incident took place in Germany. In September 2020, hackers targeted Düsseldorf University Hospital with ransomware that shut down around 30 servers. Doctors had no choice but to shut the emergency department.

As a result, a critically ill woman who arrived needing urgent surgery had to be sent 32 kilometers (almost 20 miles) away. The delay cost her life. Local prosecutors considered charging the attackers with negligent homicide, a rare but deserved move against criminals who turned people’s medical emergencies into their payday.

Ransomware and Windows Operating System

These tragedies go on to show that hospitals remain lucrative and soft targets for cybercriminals. Many hospitals still rely on Windows systems, which attract ransomware because most malware is built to hit Windows environments.

Protecting these systems is possible but demands serious discipline, up-to-date backups stored safely offline, strong passwords and multi-factor logins, constant patching and smart network setups that keep infections from spreading unchecked. Staff also need training since many ransomware attacks start with a human factor and their single careless click on a fake email.

The use of legacy OS in healthcare is a whole new scandal as Kaspersky’s 2021 report found 73% of healthcare providers using medical equipment with a legacy OS. A legacy operating system is an old system that its developers no longer actively support or update. It’s usually been replaced by newer versions and doesn’t get the security fixes or patches needed to stay protected, which leaves it more open to attacks.

Some argue that Linux could help because fewer ransomware strains target it, and its security model makes it harder for malware to gain deep control. That’s true to a point, but moving an entire hospital to Linux is next to impossible because critical devices like lab equipment, MRI scanners, and medical record systems run on Windows-only software approved and supported by specific vendors. Hospitals can’t just replace them overnight.

Therefore, unfortunately, it all comes back to a better approach to increasing security on the systems they already use rather than imagining an easy switch that won’t happen anytime soon. Additionally, the Kaspersky report mentioned earlier found that hospitals use legacy operating systems from both Windows and Linux. So what’s the point of using Linux if it’s an outdated version?

Fancy Alliance is Not Working

In November 2023, a US-led alliance of 40 countries announced plans to target the ransomware ecosystem with new efforts to disrupt ransom payments, dismantle criminal infrastructure, and share intelligence across borders.

Yet by February 2025, ransomware attacks had surged by a record 126% as cyber criminals exploited file transfer vulnerabilities, infostealers, and AI-driven tactics to stay ahead.

Ransomware Gangs Targeting Healthcare and Hospitals Are Parasites

What makes this all worse is the people behind these attacks. Ransomware gangs like Qilin are not brilliant hackers, they are parasites living off broken systems, careless setups and human mistakes. They hide in safe countries that turn a blind eye to their crimes.

These governments should stop pretending this is a normal petty crime and start treating it as the threat to human life it is. Any country giving shelter to ransomware criminals should hunt them down, seize their profits and put them behind bars for every life their greed destroys.

In the end, hospitals shouldn’t be forced to choose between saving lives and paying off criminals. These two deaths are proof that ransomware is no longer just about data, it’s about whether patients live or die when cyber criminals shut systems down. That should be enough to push every hospital, vendor and government to take this threat as seriously as it deserves.