Cybersecurity NewsNews

Ransomware Disrupts 18 Healthcare Services in Romania


Several hospitals in Romania faced significant disruptions recently due to a ransomware targeting their healthcare management system known as the Hipocrate Information System (HIS).

As a result of the database encryption, the system that was crucial for managing medical activities and patient data became inaccessible over the weekend.

Romania Confirms Attack

Moreover, the attack was confirmed by the Romanian Ministry of Health, which noted that the HIS servers were compromised and their critical files and databases were encrypted.

An investigation, led by IT specialists and cybersecurity experts from the National Cyber Security Directorate (DNSC), is currently underway to assess the extent of the damage and explore recovery options. Precautionary measures have been implemented for hospitals unaffected by the attack.

The impact of the ransomware attack extended to various healthcare facilities across Romania, including regional hospitals, cancer treatment centers, and specialized institutes.

DNSC cybersecurity experts are actively investigating the incident, advising affected hospitals against engaging with their IT teams to prioritize the restoration of IT services and data.

The Ministry of Health released a list of affected hospitals, including notable establishments such as the Emergency Hospital of Plastic, Reconstructive and Burn Surgery in Bucharest and the Oncological Institute “Prof. Dr. Dr. Al. Trestioreanu” in Bucharest (IOB).

The list of impacted hospitals shared by the Ministry of Health by the time this article was published includes:

  • Emergency Hospital of Plastic, Reconstructive and Burn Surgery Bucharest
  • Azuga Orthopaedics and Traumatology Hospital
  • Emergency County Hospital “Dr. Constantin Opris” Baia Mare
  • “Sf. Apostol Andrei” Emergency County Clinical Hospital Constanta
  • Oncological Institute “Prof. Dr. Dr. Al. Trestioreanu” Institute Bucharest (IOB)
  • Military Emergency Hospital “Dr. Alexandru Gafencu” Constanta
  • Sighetu Marmației Municipal Hospital
  • Targoviste Emergency County Hospital
  • C.F. Clinical Hospital no. 2 Bucharest
  • Fundeni Clinical Institute
  • Iasi Regional Institute of Oncology (IRO Iasi)
  • Buzău County Emergency Hospital
  • Slobozia County Emergency Hospital
  • Institute of Cardiovascular Diseases Timișoara
  • Hospital for Chronic Diseases Sf. Luca
  • Colțea Clinical Hospital
  • Medgidia Municipal Hospital
  • Pitesti County Emergency Hospital

However, the identity of the ransomware group behind the attack and the status of the patients’ personal or medical data remain unknown.

The software service provider, Romanian Soft Company SRL (RSC), responsible for the HIS, has not issued a public statement regarding the incident, despite attempts to reach out for comment