Security News > 2024 > February > Romanian hospital ransomware crisis attributed to third-party breach
![Romanian hospital ransomware crisis attributed to third-party breach](/static/build/img/news/romanian-hospital-ransomware-crisis-attributed-to-third-party-breach-medium.jpg)
The Romanian national cybersecurity agency has pinned the outbreak of ransomware cases across the country's hospitals to an incident at a service provider.
All hospitals caught up in the ransomware scourge are thought to have been breached via the HIS. Per legal reporting obligations in Romania, service providers must inform the DNSC and national CSIRT of incidents that significantly impact the continuity of essential services.
"We are exactly in the scenario of the Backmydata/Phobos ransomware incident that affected dozens of hospitals in Romania," the DNSC said today.
The scale of the ransomware emergency in Romania is bordering on the unbelievable as now more than 100 hospitals have been either disconnected from the internet or had their files encrypted.
The ransomware used was said to be called Backmydata, a variant of the Phobos ransomware family that's been around for years under various guises and interactions.
Most recently a slightly modified version of Phobos was deployed by the 8Base ransomware group, although it should be said that 8Base has not claimed nor been attributed to the attacks in Romania.
News URL
https://go.theregister.com/feed/www.theregister.com/2024/02/14/romanian_hospital_ransomware_crisis/
Related news
- London hospitals left in critical condition after ransomware attack (source)
- Major London hospitals disrupted by Synnovis ransomware attack (source)
- Qilin ransomware gang linked to attack on London hospitals (source)
- London hospitals face blood shortage after Synnovis ransomware attack (source)
- TellYouThePass ransomware exploits recent PHP RCE flaw to breach servers (source)
- Panera warns of employee data breach after March ransomware attack (source)
- London hospitals cancel over 800 operations after ransomware attack (source)
- Keytronic confirms data breach after ransomware gang leaks stolen files (source)
- Qilin: We knew our Synnovis attack would cause a healthcare crisis at London hospitals (source)
- Ransomware disrupts Indonesia’s national data centre, LockBit gang claims US Federal Reserve breach (source)