How many people are affected by Tonga's healthcare ransomware attack?

Approximately 100,000 residents are affected by the attack - essentially representing the complete medical history of Tonga's population. This makes it one of the most comprehensive national healthcare breaches relative to population size.

What is the ransom demand for Tonga's health system?

The health minister reported that an unnamed ransomware group is demanding millions of U.S. dollars to restore system access. The specific amount and identity of the ransomware group have not been publicly disclosed.

What medical data was potentially compromised in the Tonga attack?

The compromised data includes patient medical records and complete medical histories, prescription information and medication data, health risk assessments and medical evaluations, future treatment plans and patient care strategies, and hospital registration and patient identification data.

How has the attack affected hospital operations in Tonga?

All four national hospitals have been forced to revert to manual operations, relying on paper-based processes that medical staff had largely abandoned since the digital system went live in 2021. This represents a complete regression from digital to analog healthcare management.

When did Tonga's National Health Information System go live?

Tonga's National Health Information System (NHIS) went live in 2021, meaning the country had been operating with digital healthcare infrastructure for approximately four years before this devastating ransomware attack forced a return to manual processes.

Is Tonga considering paying the ransom demand?

Based on available information, Tonga is working with Australian cybersecurity specialists to explore recovery options without paying the ransom demand. The international assistance suggests they are pursuing recovery through technical means rather than paying the cybercriminals.

What makes this attack particularly significant?

This attack is particularly significant because it has completely disabled an entire nation's healthcare information system, affecting 100% of the population's medical records. For a small island nation like Tonga, this represents a complete compromise of national healthcare data infrastructure with no redundancy or backup systems available.

How are medical staff coping with the system outage?

Medical staff are overwhelmed by the crisis and have been forced to return to paper-based processes they had largely abandoned since 2021. This represents a significant operational challenge as staff must readjust to manual record-keeping while continuing to provide essential healthcare services.

What are the broader implications for Pacific island nations?

This attack highlights the cybersecurity vulnerabilities facing small Pacific island nations that may lack the resources for robust cybersecurity infrastructure and incident response capabilities. It demonstrates how a single successful attack can completely cripple critical national infrastructure in smaller countries, and shows the importance of international cooperation and assistance in cybersecurity incident response.

Incident

Tonga Ministry of Health paralyzed by ransomware attack

Q: What happened to Tonga's healthcare system?

The Kingdom of Tonga's Ministry of Health reported a ransomware attack that has completely disabled the country's National Health Information System (NHIS), forcing all four national hospitals to revert to manual operations and leaving approximately 100,000 residents without access to digital medical records.

Q: When was the ransomware attack on Tonga's health system discovered?

The cyberattack was discovered on June 15, 2025. The attack has completely encrypted the NHIS, rendering the entire digital healthcare infrastructure inoperable.

Q: What international assistance is Tonga receiving?

Australia's cyber-security team arrived in Tonga after an appeal via the Australian High Commission. The Australian specialists are working alongside local IT administrators to assess the damage and explore recovery options without paying the ransom demand.

published: June 20, 2025

Learn More

The Kingdom of Tonga's Ministry of Health is reporting a ransomware attack that has completely disabled the country's National Health Information System (NHIS), forcing all four national hospitals to revert to manual operations and leaving approximately 100,000 residents without access to digital medical records.

The cyberattack was discovered on June 15, 2025. The health minister reported that an unnamed ransomware group is demanding millions of U.S. dollars to restore system access. The attack has completely encrypted the NHIS, rendering the entire digital healthcare infrastructure inoperable and forcing medical staff to rely on paper-based processes they had largely abandoned since the system went live in 2021.

The potentially compromised data encompasses the complete medical history of Tonga's population - approximately 100,000 individuals. The compromised data includes:

Patient medical records and complete medical histories
Prescription information and medication data
Health risk assessments and medical evaluations
Future treatment plans and patient care strategies
Hospital registration and patient identification data

The Polynesian nation engaged international cybersecurity assistance. Australia's cyber-security team arrived in Tonga yesterday after an appeal via the Australian High Commission, supporting local staff overwhelmed by the crisis. The Australian specialists are working alongside local IT administrators to assess the damage and explore recovery options without paying the ransom demand.

Tonga Ministry of Health paralyzed by ransomware attack

Read More
Swiss manufacturer Schlatter disrupted in cyberattack, likely ransomware
Sav-Rx medication benefits provider reports data breach
Evolve Bank confirms data breach by LockBit ransomware …
Multipe UK local government councils hit by service …
North Texas Municipal Water District report ransomware cyberattack