Romanian Hospitals Forced to Use Paper After Major Cyberattack

In February 2024, over 100 hospitals in Romania were targeted by a significant cyberattack that exploited vulnerabilities in the Hippocrates medical software, deploying ransomware known as BackMyData. The attack forced the national cyber-security centre to disconnect hospitals from the internet to prevent further spread, impacting patient care and operations. Medical staff reverted to pen and paper for patient records and care processes, creating temporary offline systems to continue treatment. The ransomware demanded a ransom of €160,000 in bitcoin, which the Romanian government refused to pay. This incident has been recognized as one of the largest cyberattacks on healthcare systems globally, prompting discussions on disaster response strategies. Cyber investigators identified that 26 hospitals were infected, highlighting the vulnerability of healthcare infrastructure to cyber threats.

Key Points: • Over 100 Romanian hospitals disconnected from the internet to mitigate a ransomware attack. • The ransomware, BackMyData, scrambled files and demanded €160,000 in bitcoin as ransom. • Medical staff adapted by using manual processes, demonstrating resilience in crisis management.