Cyber Incident Victim: Ziekenhuis Oost-Limburg

On or around February 3, 2021, Sacred Heart Hospital in Mol, Belgium, experienced a cyber attack that disrupted its IT systems. The attackers introduced viruses into the hospital’s network, with initial investigations suggesting email as the likely intrusion vector. The malware successfully compromised multiple systems, forcing their shutdown to contain the spread and damage. Hospital administrators confirmed no patient medical data was exfiltrated during the incident, ruling out a data breach of sensitive health records. The attack primarily impacted administrative and operational systems, necessitating an immediate shift to paper-based processes for patient registration, scheduling, and record-keeping. Clinical care systems reportedly remained functional, allowing continued treatment without direct risk to patients. The hospital did not disclose whether ransomware was involved or whether the attackers made any financial or operational demands.

The hospital’s incident response team isolated affected systems to prevent further propagation of the malware. External cybersecurity experts were engaged to assist with forensic analysis and system restoration. Administrative staff reverted entirely to manual paper workflows, causing significant delays in non-clinical operations such as billing and appointment management. Hospital representatives emphasized that patient safety was never compromised despite the operational disruption. No evidence suggested collateral impact on partner healthcare facilities or regional medical networks. The investigation remained ongoing at the time of reporting, with no attribution publicly identified for the attack. Restoration timelines for full digital operations were not disclosed in initial statements.