Eighteen hospitals in Romania cannot report medical services, forcing patients to wait in emergency rooms after a ransomware cyberattack occurred on Monday morning, February 12, targeting a service provider for several health units.
„Several hospitals are affected by the attack. At this moment, a team of DNSC specialists has been dispatched to the scene to investigate the cyber incident,” the National Directorate for Cybersecurity said.
DNSC recommends that the IT teams of the hospitals should not be contacted, so they can focus on restoring IT services and data, which is a priority.
Health minister Alexandru Rafila initially stated that between 15 and 20 hospitals in the country and in Bucharest are experiencing problems using the Hipocrate computer system.
„It’s true. There are several hospitals facing issues with the use of an important computer program in hospital operations – it’s called Hiprocrate. We don’t know exactly how many hospitals are affected at the moment. We don’t have the information, but we are working together with the National Cybersecurity Center to elucidate the causes and remedy them,” the minister said, according to Agerpres.
An official press release from the Ministry of Health later specified that 18 hospitals were affected by the attack:
The Emergency Clinical Hospital for Plastic Surgery, Reconstructive Surgery and Burns, Bucharest
Azuga Orthopedics and Traumatology Hospital „Dr. Constantin Opris”
Baia Mare Emergency Hospital
„Sf. Apostol Andrei” County Clinical Emergency Hospital, Constanța
„Prof. Dr. Al. Trestioreanu” Oncology Institute, Bucharest (IOB)
„Dr. Alexandru Gafencu” Military Emergency Hospital, Constanța
Sighetu Marmației Municipal Hospital
Targoviste County Emergency Hospital
C.F. Clinic Hospital No. 2, Bucharest
Fundeni Clinical Institute
Regional Oncology Institute Iași (IRO Iași)
Buzău County Emergency Hospital
Slobozia County Emergency Hospital
Timișoara Institute of Cardiovascular Diseases
St. Luca Chronic Diseases Hospital
Colțea Clinical Hospital
Medgidia Municipal Hospital
Pitești County Emergency Hospital
„The information came from the Hipocrate system, which appears to have been attacked, and we stopped access to the public internet. Currently, we are operating offline. We have not sent patients home, and we continue our activity, albeit with a bit more difficulty,” representatives of the „Bagdasar Arseni” Hospital conveyed.
It remains to be determined how the reporting and accounting of these services will be conducted because if they cannot be entered into the system, the hospitals will not be able to obtain funds from the National Health Insurance budget.
„Currently, a flood-type cyberattack towards a certain class of the hospital’s public IP addresses is ongoing. We have blocked access to certain ports that were the target of the attacks. The attacks are coming from a botnet network and are still ongoing. Regarding the hospital’s functionality, we are currently monitoring the attacks, and the services are not affected,” announced Târgu Jiu County Hospital, cited by Digi24.
The administrator of the company that manages the Hippocrates system told Euronews Romania that there were backups and that system functionality could get back by Tuesday morning.