It's always a scary moment in time when a cyberattack has devastating, real-world consequences. It doesn't happen all too often, but when it does, it can cause a lot of pain and consequences for those involved.
One of Spain's leading hospitals, Hospital Clinic de Barcelona, was hit by a ransomware attack on Sunday, March 5th, that affected its computer systems and forced the cancellation of thousands of appointments and surgeries.
The attack was reported to the Cybersecurity Agency of Catalonia and was carried out by a group called RansomHouse, which demanded a ransom in exchange for decrypting the files.
According to Bleeping Computer, RansomHouse launched in May 2022 as a data extortion marketplace but claimed not to use ransomware in its attacks. However, it was soon discovered to be linked to the WhiteRabbit ransomware encryptor and to other ransomware attacks.
The hospital said that no patient data was compromised or stolen and that urgent services were not affected. However, computers at laboratories, the emergency room, and the pharmacy were shut down at three main centers and several external clinics.
The hospital had to cancel 150 non-urgent operations and up to 3,000 patient checkups as a result of the attack. It said that it had backups of its data and was working to restore its system as soon as possible.
The attack was one of the latest examples of cyberattacks targeting hospitals around the world since the beginning of the COVID-19 pandemic.
If you are an information security professional in the medical field, register for the SecureWorld Healthcare virtual conference on April 12, 2023.
Follow SecureWorld News for more stories related to cybersecurity.