Hackers steal patient and billing data from German hospitals via third-party provider

Multiple German university hospitals disclosed a large-scale data breach after attackers breached external billing provider Unimed in mid-April, exposing personal and billing-related health information for tens of thousands of patients at institutions including Freiburg, Cologne, Heidelberg, Tübingen, Ulm and Mannheim. Hospitals said clinical systems and patient treatment were not affected, transfers to the provider were halted, Unimed has not commented, no threat actor has claimed responsibility, and affected hospitals are considering legal action.