A large-scale cyberattack has affected approximately one-third of a database in the Republic of Moldova that stores personal information and payment data from the healthcare system. Representatives of the Cyber Security Agency of Moldova report that no attackers have requested a ransom for data recovery. Officials do not rule out that intelligence services of the Russian Federation may have carried out the operation, according to TVR Moldova.
Ion Vintila, deputy director of the Cyber Security Agency, said that Moldova has faced several cyberattacks on critical infrastructure since the beginning of the year, but he described the most serious incident as the attack on a medical database.
“During the last month, we experienced a fairly large attack on a medical database. Around 30% of the data was affected. The platform processes information from both regional and central hospitals, handles payments, and stores personal data,” he said.
Officials at the Cyber Security Agency treat the incident as potentially coordinated. They said they do not exclude foreign involvement and suggested possible links to Russian actors.
“In our case, no messages arrived requesting payment or data recovery. We have not received any such communication. However, we consider that a well-planned operation may have targeted Moldova to extract sensitive data,” Ion Vintila said.
The General Prosecutor’s Office of Moldova and the police have not registered official complaints related to the incident so far.
The Ministry of Health of Moldova and the National Health Insurance Company of Moldova have requested information on which medical institutions may have been affected, and authorities expect to release further details later.