Search icon


16th Dec 2021

IT systems down at Coombe Women’s Hospital following new cyber attack

Dave Hanratty

Coombe Hospital cyber attack December 2021

The attack took place overnight.

An overnight cyber attack has locked down the IT systems at the Coombe Women’s Hospital in Dublin, a spokesperson has confirmed.

Services at the hospital are set to continue as normal while the attack is being investigated.

“The Coombe Women & Infants Hospital can confirm that it has been subject of a cyberattack overnight,” began a statement issued on Thursday morning, 16 December.

“We wish to reassure all of those accessing our services that these services are continuing as normal.

“We have locked down all our IT systems on a precautionary basis and are working closely with the HSE to resolve this matter.”

The HSE acknowledged the attack via a statement of its own on Thursday, noting that it is has disconnected the Coombe facility from the National Health Network.

“At this point we have not seen evidence of an impact external to the Coombe Hospital but we are continuing, with external support, to assess whether there is any broader impact,” noted a spokesperson.

The Coombe cyber attack comes one week after the publishing of an internal HSE report that revealed that hackers had access to its systems two months prior to the hack that took place in May of 2021.

The report, which labels the current overall security condition as “frail”, states that the source of the cyber attack originated from a malicious software infection on a HSE workstation on 18 March.

The infection was the result of the user of the workstation clicking and opening a malicious Microsoft Excel file that was attached to a phishing email sent two days prior.

“After gaining unauthorised access to the HSE’s IT environment on 18 March 2021, the attacker continued to operate in the environment over an eight-week period until the detonation of the Conti ransomware on 14 May, 2021,” the report says.

The cyber attack was not identified and contained until after the detonation of the Conti ransomware.

According to the report, the HSE is operating on a “frail IT estate” that has lacked the investment over many years required to maintain a secure, resilient, modern IT infrastructure.

“It does not possess the required cybersecurity capabilities to protect the operation of the health services and the data they process, from the cyber attacks that all organisations face today,” it said.

“It does not have sufficient subject matter expertise, resources or appropriate security tooling to detect, prevent or respond to a cyber attack of this scale.

“There were several missed opportunities to detect malicious activity, prior to the detonation phase of the ransomware.”

Featured Image of the Coombe Hospital via Sasko Lazarov /

LISTEN: You Must Be Jokin’ with Aideen McQueen – Faith healers, Coolock craic and Gigging as Gaeilge