Over 100 hospitals in Romania were disconnected from the internet and switched to pen and paper during a cyber-attack in February 2024. This was reported by Qazaqyia.kz citing BBC News.
The cyber-attack began when calls came in from hospitals to Romania's national cyber-security centre (DNSC). Criminals were spreading through a popular medical software. Cyber-chief Dan Cimpean made a tough decision: order over 100 hospitals to disconnect from the internet.
The attack started on 10 February 2024 and lasted four days. Hackers breached Bucharest-based software firm RSC, burrowing into a widely used medical system called Hippocrates, and spread a ransomware strain called BackMyData. 26 hospitals were infected. Medical staff switched to pen and paper, improvising workarounds to protect patients.
Surgeon Oana Goidescu from Buzău Hospital said: "It was quite an unpleasant experience, because an IT record is not just a list of patients. For each patient, we request lab tests, radiology, medicines and supplies. All of that was gone."
Cyber-investigators worked through the night and found 26 hospitals had been infected. Uninfected hospitals were brought back online with added protections. DNSC used media to communicate with the public, urging patients to avoid hospitals unless necessary.
Doctor Vlad Paic from Carol Davila Hospital in Bucharest said: "When we saw the system would not be repaired quickly, we developed an offline method so we could register every patient. We asked the laboratory to give us results on paper. We used Excel and other offline tools to ensure care was not affected."
The incident has become a test case for disaster planners internationally.