A coordinated cyber-attack has crippled digital systems in more than 100 Romanian hospitals, forcing medics to revert to pen and paper for patient records and appointments. The assault, which began on Tuesday morning, targeted a central healthcare IT platform used by hospitals across the country. Operations have been postponed, outpatient clinics are running on handwritten notes, and staff are scrambling to maintain care without access to digital prescriptions, test results, or scheduling software.
Romanian officials say the attack did not compromise patient data but has severely disrupted services. The country’s national cyber security agency is working with Europol and international partners to trace the source. No group has yet claimed responsibility.
For the thousands of patients affected, the impact is immediate. One woman in Bucharest told reporters she had waited four hours for a cardiology appointment only to be told her scan results were lost. “They gave me a piece of paper with a new date. I do not know if my heart condition can wait,” she said.
In the UK, the incident has reignited concerns about the resilience of the National Health Service’s digital infrastructure. The Department of Health and Social Care confirmed that a review of NHS cyber defences has been under way since last year, but sources say the Romanian attack has added urgency. Hospitals across Britain have been warned to check their offline contingency plans. A senior NHS digital officer, speaking on condition of anonymity, said: “The Romanian scenario is our nightmare. If a coordinated attack took down a major trust, we would see the same chaos. Paper systems are rusty, and many staff have never used them.”
The NHS has faced high-profile cyber incidents before. In 2017, the WannaCry ransomware attack locked 19,000 appointments and forced ambulances to divert. Since then, millions have been spent on upgrades, but experts warn that state-backed groups now have more sophisticated tools. A recent parliamentary report found that nearly one-third of NHS trusts had failed a basic cyber security assessment.
For the Romanian health workers now battling with paper, the lessons are harsh. Dr. Andrei Popescu, a surgeon in Cluj-Napoca, said: “We are using our phones for lighting, laminating notes to protect them from spills, and running between wards to deliver results. It is like stepping back thirty years. We can manage for a few days, but if this continues, people will die from delays.”
The attack also raises questions about the vulnerability of older medical equipment. Many Romanian hospitals rely on scanning machines and infusion pumps that run on outdated operating systems, a problem shared by the NHS. A 2023 audit found more than half of NHS imaging devices were still using Windows 7, which no longer receives security patches.
Downing Street said ministers were being briefed regularly on the situation. Prime Minister Rishi Sunak called the attack “a stark reminder of the shared threats we face” and said the UK was offering technical support to Romania. But opposition MPs accused the government of complacency. Shadow Health Secretary Wes Streeting said: “We have known for years that our health service is a target. This is a wake-up call the government has ignored for too long.”
For now, Romanian doctors continue to work without a safety net. Nurses are handwriting blood group labels. Surgeons are double checking paperwork by shouting across operating theatres. And patients are left wondering whether their treatment will be delayed by a few days or a few weeks. The digital crisis in Bucharest is a stark preview of what could happen in London, Manchester, or Glasgow. The real question is how much readiness has been bought by the millions spent since WannaCry.
