The Hospital Clínic de Barcelona has notified the Agència de Ciberseguretat de Catalunya this Sunday at 11:17 a.m. that it has suffered a ransomware cyberattack (which encrypts the data of a system to request a ransom), which has affected the emergency services, laboratory and downtown pharmacy. In addition, it has forced the descheduling of non-urgent surgeries and the referral of new patients to other hospitals.
At 11:30 a.m., the deployment of the action plan to respond to the incident began, which includes knowing the impact caused by the attack. In a late-afternoon statement, the Generalitat explained that both the professionals at the center and at the cybersecurity agency continue to work so that normality can soon be restored.
Internal sources affirm that although the affectation is in a part of the services, the impact is great because it affects all virtualized systems. This has caused elective -non-urgent- surgeries and visits to the extraction center and outpatient consultations to be descheduled. Oncological radiotherapy sessions have also had to be postponed.
However, tomorrow all the urgent and hospitalization activity will continue in all the Clínic locations (Villarroel, Plató and Maternidad). Home hospitalization, day hospitals, radiology, endoscopic tests, radiological examinations, dialysis and outpatient pharmacy will also work.
The affected services have coordinated with the Department of Health of the Generalitat and other hospitals in Barcelona to refer emergency patients, although those who were already admitted before the cyberattack and those who arrive at the emergency room on their own foot continue to be treated . However, patients who arrive through the Sistema d’Emergències Mèdiques (SEM) are being referred to other hospitals in the city, as are codes for stroke or heart attack.
According to the Agència de Cibersegurat de Catalunya, ransomware-type cyberattacks prevent victims from accessing the files on their computer devices through various methods until the ransom is paid. Those affected may even lose the availability of their data permanently.
The attack is similar to those suffered last October by the Moisès Broggi, Dos de Maig and General de l’Hospitalet de Llobregat hospitals, and the one that affected the Autonomous University of Barcelona (UAB) in October 2021.
