100 Romanian Hospitals Go Offline – Doctors Grab Pencils to Save Lives

Tue Jun 23 2026 19:40:16 GMT+0000 (Coordinated Universal Time)

When a ransomware attack hit Romania’s hospitals, medical teams went from digital to analog, keeping patients safe while cyber‑security leaders shut 100 hospitals offline for a week.

Romania’s national cyber‑security centre ordered over 100 hospitals to disconnect from the internet after a ransomware team called BackMyData breached a popular medical software. Doctors and nurses had to record every patient in paper notebooks, while IT teams worked around the clock to scrub infected systems. The move stopped the hackers, avoided a ransom payment, and showed how vital offline backups are for keeping life‑saving services running.

On 10 February 2024, a ransomware group named BackMyData hacked into a key Romanian medical system called Hippocrates. The hackers’ goal was simple: scramble files and demand €160,000 in bitcoin.

In just a few hours, more than 100 hospitals heard the alert: disconnect from the internet, now. The move, made by Dan Cimpean, the head of Romania’s cyber‑security centre, was the only way to stop the malware from spreading across the country.

With computers offline, doctors and nurses had to throw out tablets, keyboards and cloud‑based tools. They turned instead to pens, paper and a new “paper‑based Hippocrates” that let them record lab tests, scans and prescriptions by hand.

The decision had a major cost: patients had to fill out paper forms, waiting rooms were full, and some patients took their frustration out on medical staff. But nobody was harmed – the offline strategy kept critical surgeries running while the attackers were scrubbed out.

Within five days, hospitals were back online and most patients were treated normally, thanks to robust backups that IT teams could restore. The incident highlighted the danger of digitalising every hospital system without strong fire‑walls and the power of coordinated crisis communication, which warned people not to push their loved ones into hospitals unnecessarily.

Cyber‑security experts have warned that as more hospitals digitise, the risk grows. In Greece, the UK, and the U.S., similar attacks have even caused patient deaths or prompted huge ransom payments. Romania’s case shows that the best defence is not only technology – but also quick decision‑making, teamwork, and the ability to get back to paper whenever the digital world fails.