Cyber Incident Victim: 大阪急性期・総合医療センター

On October 31, 2022, Osaka General Medical Center experienced a ransomware attack that forced the suspension of routine medical services. The hospital’s electronic medical record systems became inaccessible following a system failure detected earlier that day. A contractor investigating the outage confirmed ransomware infection after identifying an email written in English that demanded payment in Bitcoin. While emergency operations continued unaffected, the attack disrupted core administrative functions, including the ability to calculate medical treatment fees and access patients’ full medical histories. Hospital director Takeshi Shimazu publicly confirmed staff resorted to paper-based record-keeping to maintain partial operations. The 865-bed facility, operated by the Osaka Prefectural Hospital Organization and housing 36 departments, maintained critical care but could not restore affected systems immediately. No evidence indicated whether cyber-physical systems or IoMT devices were compromised during the incident.

The hospital initiated recovery efforts by deploying manual processes while technicians worked to restore digital systems. Shimazu emphasized operational challenges stemming from the loss of electronic records, particularly regarding patient history verification and billing accuracy. On March 28, 2023, the hospital published a report from its Information Security Incident Investigation Committee, confirming a formal review of the breach. Subsequent system restoration milestones included the reactivation of the "カルナシステム" (KARUNA system) on September 26, 2023, indicating prolonged recovery efforts. The attack highlighted vulnerabilities in the hospital’s network infrastructure, though specific technical details about initial access vectors or ransom payment status remained undisclosed. Operational disruptions persisted for months, evidenced by continued system restoration notices and staffing recruitment for technical roles post-incident.