Security News > 2024 > February > Romanian hospital ransomware crisis attributed to third-party breach
The Romanian national cybersecurity agency has pinned the outbreak of ransomware cases across the country's hospitals to an incident at a service provider.
All hospitals caught up in the ransomware scourge are thought to have been breached via the HIS. Per legal reporting obligations in Romania, service providers must inform the DNSC and national CSIRT of incidents that significantly impact the continuity of essential services.
"We are exactly in the scenario of the Backmydata/Phobos ransomware incident that affected dozens of hospitals in Romania," the DNSC said today.
The scale of the ransomware emergency in Romania is bordering on the unbelievable as now more than 100 hospitals have been either disconnected from the internet or had their files encrypted.
The ransomware used was said to be called Backmydata, a variant of the Phobos ransomware family that's been around for years under various guises and interactions.
Most recently a slightly modified version of Phobos was deployed by the 8Base ransomware group, although it should be said that 8Base has not claimed nor been attributed to the attacks in Romania.
News URL
https://go.theregister.com/feed/www.theregister.com/2024/02/14/romanian_hospital_ransomware_crisis/
Related news
- Anna Jaques Hospital ransomware breach exposed data of 300K patients (source)
- LA housing authority confirms breach claimed by Cactus ransomware (source)
- Helldown ransomware exploits Zyxel VPN flaw to breach networks (source)
- Bologna FC confirms data breach after RansomHub ransomware attack (source)
- BT unit took servers offline after Black Basta ransomware breach (source)
- Romanian energy supplier Electrica hit by ransomware attack (source)
- Rhode Island confirms data breach after Brain Cipher ransomware attack (source)
- Romanian Netwalker ransomware affiliate sentenced to 20 years in prison (source)
- Krispy Kreme breach, data theft claimed by Play ransomware gang (source)