[KorfmannArno]

The Problem seems to be that the hackers planted a backdoor in early 2020.

So, the security hole was actually patched shortly after release of the security patch.

Edit:

Source: https://www.heise.de/news/Cyber-Angriff-auf-Uniklinik-Duesse...