Several German university hospitals say hackers stole patient and billing data after breaching Unimed, an external provider used to process invoices for privately insured and self-paying patients. Disclosures from Cologne, Freiburg, Heidelberg, Tübingen, Ulm and Mannheim say the intrusion occurred in mid-April and exposed names, addresses, physician details, and in some cases diagnosis, treatment, communications, and limited bank or payment data. Hospitals said their own clinical systems were not breached and patient care was not disrupted.
Why it matters: This affects highly sensitive medical data, including some diagnosis and treatment information, so impacted patients may face privacy harms, impersonation attempts, or fraud. Affected hospitals have stopped sending data to Unimed; patients should watch for breach notices and be cautious of unsolicited calls, emails, or billing messages referencing their care.
2026.05.21
100% relevant
This article establishes a distinct new breach event centered on Unimed's compromise and the resulting exposure of patient and billing records across multiple German hospitals.
← Back to all stories