Irish health service forced to shut down IT systems after ransomware attack

Ireland’s health care system was forced to shut down its IT systems Friday following what it described as a “significant” ransomware attack that disrupted operations.

“There has been a ransomware attack on our IT systems,” the Health Service Executive (HSE) wrote in a post on its website. “We have shut them all down as a precaution. This has caused some disruption to our services. But most healthcare appointments will go ahead as planned.”

According to HSE, the attack meant a delay in some hospital appointments, the cancellation of a portion of virtual appointments and a delay in COVID-19 test results. The Rotunda Maternity Hospital in Dublin canceled all appointments except emergencies, and the Cork University Hospital was forced to cancel all radiotherapy and most X-ray appointments Friday. 

Ambulance and emergency services were not disrupted and were continuing as normal as of Friday afternoon in Ireland, along with COVID-19 vaccine appointments. 

“Most hospital appointments are still going ahead as planned,” HSE wrote. “But delays should be expected while hospitals move to manual, offline processes.”

HSE has not commented on the hackers behind the attack.

Ireland’s Minister for Health Stephen Donnelly tweeted Friday that he was in “regular contact” with HSE officials, noting the attack was having “a severe impact on our health and social care services today.”

“We are working to ensure that the systems and the information is protected,” Donnelly tweeted. “COVID-19 testing and vaccinations are continuing as planned today.”

This is having a severe impact on our health and social care services today, but individual services and hospital groups are impacted in different ways. Emergency services continue, as does the @AmbulanceNAS. Updated information will be available @HSELive throughout the day.

— Stephen Donnelly (@DonnellyStephen) May 14, 2021

The HSE ransomware attack came a week after Colonial Pipeline, which supplies around 45 percent of the U.S. East Coast’s fuel supply, was forced to shut down operations due to a separate ransomware attack. 

These types of attacks have skyrocketed during the COVID-19 pandemic, with cyber criminals increasingly going after vulnerable and overburdened critical systems as more daily activities moved online.

Hospitals and health care organizations have been major targets. 

Universal Health Services, a hospital chain with roughly 400 facilities across the U.S., Puerto Rico and the United Kingdom, was targeted in a major cyberattack last year, and a coalition of U.S. federal agencies warned in October that cyber criminals were stepping up attacks against health sector groups.