Cyber Incident Victim: Faculty Hospital, Nitra
Date:
May 2017
Location:
Slovakia
Summary
A cyberattack impacted Faculty Hospital in Nitra, compromising at least half of its computers across departments and outpatient clinics. The hospital disabled all systems to contain the virus's spread, though healthcare services reportedly continued without restrictions and no data breach occurred. Technical teams prioritized restoring computer operations while working to eliminate the identified malware. The incident coincided with a broader global ransomware campaign, though financial damages remained unassessed during initial recovery efforts. Patients faced potential delays due to reduced computer availability, but critical medical care was maintained throughout the disruption.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On May 12, 2017, Faculty Hospital in Nitra experienced a disruptive cyberattack that compromised its computer systems. The hospital proactively powered down all computers on Friday afternoon to contain the spread of the virus, a containment measure taken shortly after detection. Hospital spokesperson Tatiana Timková confirmed that technicians successfully identified the malware and were actively working to eradicate it. While at least half of departmental and outpatient clinic computers remained operational during the incident, the reduced availability caused potential delays in administrative processes, though patient care services were not interrupted. No data breaches or unauthorized disclosures of patient information occurred according to official statements.
The incident formed part of a coordinated global ransomware campaign affecting multiple countries, though the hospital did not specify the exact malware variant involved. Technical teams prioritized restoring full computer functionality across all departments and clinics before assessing financial damages. Operational continuity measures ensured healthcare delivery proceeded without critical limitations despite the degraded IT infrastructure. By the initial reporting date, recovery efforts remained ongoing with no projected timeline for full system restoration provided. The hospital maintained public communications through spokesperson updates while focusing technical resources on containment and remediation activities.