The Hospital Clínic de Barcelona suffered a ransomware attack on Sunday morning, severely disrupting its healthcare services after the institution's virtual machines were targeted by the attacks.
The 819-bed hospital is based in Barcelona, Spain, and serves over half a million people seeking medical attention and healthcare services.
According to a statement issued by the Government of Catalonia, the Hospital Clínic de Barcelona suffered an attack by the RansomHouse ransomware operation.
RansomHouse
launched in May 2022 as a data extortion marketplace, claiming not to use ransomware in their attacks. However, they were soon linked to the
WhiteRabbit ransomware encryptor and to numerous ransomware attacks, including those on
ShopRite, eight municipalities in Italy, and
ADATA.
The government statement also mentions that the cyberattack impacted the emergency services of three medical centers associated with Clínic de Barcelona, including CAP Casanova, CAP Borrell, and CAP Les Corts.
"This is a cyberattack that has occurred in virtualized environments. It has been a sophisticated and complex attack that did not involve classic techniques, indicating an evolution by the attacker," mentions the
Catalonia government announcement (machine translated).
"Work is underway to determine the extent of the damage and the infiltration in a coordinated manner with the Mossos d'Esquadra and Interpol."
The hospital's SAP system wasn't impacted, but all applications and communications remain broken as work to restore critical systems continues. This means that patient information for physicians is out of reach, and the situation impacts care services.
