A massive ransomware cyber attack on a service provider for several hospitals in Romania occurred on Monday, February 12. The attack affected Several hospitals, most of them hospitals in Bucharest. None of the affected hospitals could offer any services to patients, and the IT systems were down for hours.
The Romanian National Directorate of Cyber Security (DNSC) officially communicated that it is investigating a cyber attack executed with the Backmydata ransomware application, a virus from the Phobos ransomware family, which encrypted data from the servers of several hospitals in Romania that use the HIPOCRATE IT platform.
At least 21 hospitals have been confirmed to be affected by the attack. According to DNSC data, 79 other units in the health system have been disconnected from the Internet, and additional investigations are being conducted on them to determine whether they were (or not) the target of the attack.
It is true. More hospitals encounter problems with the use of a meaningful computer program in the operation of hospitals – it is called Hiprocrate. We do not know exactly how many hospitals there are at the moment. We do not have the information, but we are working with the National Cyber Security Center to elucidate and remedy the causes. From the information we have, between 15 and 20 hospitals throughout the country are affected.
The Minister of Health for Agerpres
Most affected hospitals have backups of data from the affected servers, with data saved relatively recently (1-2-3 days ago), except for one, whose data was saved 12 days ago. This could allow for easier restoration of services and data.
Romania is targeted by hackers almost every week, and the success of the attacks proves the country is vulnerable. A week ago, the Romanian Parliament’s servers were successfully hacked. Previously, other major security breaches occurred in state institutions, such as ministries or agencies, such as the one in April 2022 against some ministries or the one in October 2023 against Romanian media, both from Russian hackers. Still, it has never been such a significant data theft or a crucial institution.
![](https://valahia.news/wp-content/uploads/2020/07/Advertise-your-business-with-us-1.jpg")
