Over the weekend, a ransomware attack targeted the Hipocrate Information System (HIS), a crucial healthcare management system used by at least 21 hospitals in Romania. The attack resulted in the encryption of the system’s database, rendering it inaccessible and disrupting medical services across affected hospitals.
The Romanian Ministry of Health confirmed the cyber incident, stating that the attack occurred overnight on February 11-12, 2024. The Ministry disclosed that files and databases within the HIS were encrypted during the attack, prompting an immediate investigation by IT specialists, including cybersecurity experts from the National Cyber Security Directorate (DNSC).
As a precautionary measure, exceptional measures were activated for hospitals not directly affected by the attack, while DNSC advised against contacting the affected hospitals’ IT teams to allow them to focus on restoring services and data. The DNSC also updated the list of impacted hospitals, including regional centers and specialized treatment facilities across Romania.
In response to the attack, medical staff in affected hospitals reverted to traditional paper-based record-keeping methods, with admissions, prescriptions, and medical recommendations being documented manually. While the full extent of the data breach and the identity of the ransomware operators remain unclear, investigations continue as hospitals work to restore IT services and ensure the security of patient data.