Ransomware attack spreads chaos at a major hospital in Barcelona


The Hospital Clinic de Barcelona has fallen victim to a ransomware attack, resulting in the cancelation of thousands of medical appointments.

According to El País newspaper, the attack on Saturday caused computers to shut down across numerous clinics, laboratories, and the emergency room, with the hospital's website also becoming unavailable.

Up to 3,000 patient checkups, including radiotherapy visits, and 150 non-urgent operations were canceled on Monday due to staff being unable to access patients' clinical records.

“We will not pay a cent,” said Segi Marcén, telecommunications secretary for the regional Catalonia government, adding that the hospital would not make a ransom payment even if one was demanded.

Marcén stressed that there had been no communication with the attackers, allegedly the RansomHouse group. "We are focusing on recovering the information," he said, and announced that work is underway on a cybersecurity intervention plan that integrates the entire Catalan healthcare system.

The RansomHouse gang claims to be just a "professional mediators community" and denies producing or using ransomware, despite a history of targeting other organizations such as semiconductor company AMD.

No access to patient data systems

Recovery efforts will be gradual as IT staff must ensure that systems are not restored while the attackers still maintain some level of access.

Staff at the hospital have been forced to write on paper and do not have access to electronic patient data-sharing systems. The facility’s press department announced urgent cases being diverted to other hospitals.

“We can’t make any prediction as to when the system will be back up to normal,” said the hospital director, Antoni Castells, adding that there was a contingency plan to keep services functioning for several days, although he hoped the system would be fixed sooner.

Cyberattacks on Spain increase

The National Cybersecurity Institute (INCIBE) has previously reported a surge in cyberattacks in Spain.

Following the outbreak of the Russia-Ukraine war in February 2022, the risk of cyberattacks has increased. In response to the threat, Spain escalated its cybersecurity alert to level three out of five in March and established a cybersecurity committee.

In July 2022, the Spanish National Research Council (CSIC) suffered a ransomware attack that was attributed to Russian hackers. Reportedly, the attackers were unsuccessful in extracting data. To address and resolve the attack, internet access to several affiliated centers was severed.