Cyber Incident Victim: Hillel Yaffe Medical Center

On October 13, 2021, Hillel Yaffe Medical Center in Israel experienced a ransomware attack, marking the first confirmed ransomware incident targeting a hospital within the country. The hospital activated alternative systems to maintain patient care operations following the attack, which officials described as "totally unexpected." Medical treatment continued under standard protocols with the exception of non-urgent elective procedures, which were temporarily suspended. Israel's National Cyber Directorate (INCD) classified the incident as a "major" attack, with director Yigal Unna publicly acknowledging the severity during a U.S.-hosted ransomware summit while response efforts were ongoing. Unna characterized the operational status as challenging, stating "it does not look very good" during initial containment attempts. The INCD coordinated with the Ministry of Health to issue preventive advisories to other Israeli hospitals following the attack.

The incident represented a significant escalation in healthcare targeting within Israel, though Unna noted similar ransomware attacks against medical facilities had previously occurred in other countries. No patient data breaches or treatment disruptions beyond elective procedures were explicitly reported. Contextual data presented by Unna three months prior indicated approximately 20% of Israeli businesses had experienced cyber attacks, with one-fifth sustaining operational damage from such incidents. The hospital maintained public communications through official statements but did not disclose technical details regarding attack vectors, ransom demands, or specific affected systems. Response efforts focused on maintaining critical care through manual and alternative protocols while containing the ransomware's impact. International attention to the incident coincided with contemporaneous warnings about healthcare-targeted ransomware in the United States and Europe.