Database of Romanian hospital held for ransom by hackers

04 January 2023

The Saint Gheorghe Recovery Hospital in Botoşani, in northeastern Romania, was the target of a ransomware attack in December, and medical activity is still impacted. Hackers demanded 3 Bitcoin for the decryption of the data on the servers.

The attack is similar to the one in the summer of 2019, when four other hospitals in Romania were targeted. The hackers apparently got through by using a remote connection accessed by one of the maintenance companies. The hackers entered the system and encrypted the December database. After that, they left a message, in English, asking for a ransom of 3 Bitcoin, or approximately EUR 46,400.

The attack was complex, and neither computer scientists from DIICOT, nor a series of analysts from Romanian antivirus company BitDefender were able to decrypt the files, according to Monitorul de Botosani.

"We have already notified the National Directorate of Cyber Security and DIICOT. An investigation has been launched and we are waiting to see what happens. I cannot say more at the moment. It is certain that from Monday we hope to resume medical activity at normal capacity," stated doctor Cătălin Dascălescu, the manager of the Recovery Hospital.

With its database encrypted, the hospital cannot report the services performed in the last month of 2022. For this reason, it cannot receive the money for these services. The Health Insurance House (CAS) representatives say, however, that they are trying to find solutions so that the sanitary unit can pay salaries.

radu@romania-insider.com

(Photo source: Peerapong_boriboon | Dreamstime.com)

Normal

Database of Romanian hospital held for ransom by hackers

04 January 2023

The Saint Gheorghe Recovery Hospital in Botoşani, in northeastern Romania, was the target of a ransomware attack in December, and medical activity is still impacted. Hackers demanded 3 Bitcoin for the decryption of the data on the servers.

The attack is similar to the one in the summer of 2019, when four other hospitals in Romania were targeted. The hackers apparently got through by using a remote connection accessed by one of the maintenance companies. The hackers entered the system and encrypted the December database. After that, they left a message, in English, asking for a ransom of 3 Bitcoin, or approximately EUR 46,400.

The attack was complex, and neither computer scientists from DIICOT, nor a series of analysts from Romanian antivirus company BitDefender were able to decrypt the files, according to Monitorul de Botosani.

"We have already notified the National Directorate of Cyber Security and DIICOT. An investigation has been launched and we are waiting to see what happens. I cannot say more at the moment. It is certain that from Monday we hope to resume medical activity at normal capacity," stated doctor Cătălin Dascălescu, the manager of the Recovery Hospital.

With its database encrypted, the hospital cannot report the services performed in the last month of 2022. For this reason, it cannot receive the money for these services. The Health Insurance House (CAS) representatives say, however, that they are trying to find solutions so that the sanitary unit can pay salaries.

radu@romania-insider.com

(Photo source: Peerapong_boriboon | Dreamstime.com)

Normal

Romania Insider Free Newsletters