Ransomware hits over 100 Romanian hospitals, disrupting critical services

A ransomware attack has impacted over a hundred healthcare facilities in Romania, leading to disruptions in crucial services. Children’s and emergency hospitals were among the affected, prompting some medical professionals to resort to manual record-keeping. The cyber attackers demanded 3.5 Bitcoin, equivalent to over £130,000, to decrypt essential files that had been encrypted.

As a precautionary measure, various facilities went offline, including a widely used medical information system targeted during the overnight attack on Monday, as reported by the Romanian Ministry of Health. The Pitesti Paediatric Hospital was the initial point of impact, with 25 hospitals directly affected, and 79 others temporarily taken offline pending investigations into potential compromises.

While the type of malware has been identified, the responsible group remains unknown, as the ransom demand only provides an email address. IT specialists, including experts from the National Cyber Security Directorate (DNSC), are actively investigating the incident. Fortunately, recent backups of data from affected servers in most hospitals are expected to minimize the overall impact and facilitate a swift recovery.

Despite this, the repercussions for patients could be significant, as numerous hospitals have had to disconnect internet-connected devices as a precaution. This not only affects booking and record systems but also critical medical equipment such as MRI scanners, highlighting the broader consequences of such cyber attacks on healthcare infrastructure.