Over 100 healthcare facilities in Romania have fallen victim to a ransomware attack, resulting in some doctors resorting to using pen and paper. The attack targeted children’s and emergency hospitals, as well as other facilities that went offline as a precautionary measure. The cybercriminals demanded 3.5 Bitcoin, equivalent to over £130,000, to decrypt vital files that had been encrypted. However, Romanian cyber officials have stated that recent data backups have reduced the impact of the attack. The incident occurred overnight on Monday and focused on a widely used medical information system. The Romanian Ministry of Health is currently investigating the attack with the assistance of IT specialists and cyber security experts. So far, 25 hospitals have been affected, with an additional 79 facilities being taken offline for investigation. While the type of malware used has been identified, the responsible group remains unknown. The ransom demand only includes an email address. Although most of the targeted hospitals have recent backups, the impact on patients could still be significant as internet-connected devices have been switched off as a precautionary measure, potentially affecting booking systems and machines like MRI scanners. In 2017, the UK experienced a similar attack that disrupted 80 out of 236 hospital trusts across England and resulted in the cancellation or rescheduling of nearly 7,000 appointments. Following that incident, the NHS acknowledged the need for improvement and implemented several changes.