Abstract Background On 23rd Nov, 2022 a tertiary care apex medical institute in India was subject to cyberattack which disrupted the Hospital Information system (HIS) and the Laboratory Information system (LIS) servers. The services from the SmartLab, an end-to-end integrated total-lab-automation system, designed to run on paperless mode got disrupted. This is the main service laboratory with an average daily sample load of approx. 5000 including hematology, coagulation, clinical chemistry, immunoassays and serology services. Methods All lab operations were immediately shifted to manual mode. Standard operating protocols (SOPs) were designed for manual processing and circulated to OPD and IPD staff through WhatsApp. Instructions were issued to use previously used paper test-request-forms (TRFs) for sending samples. Previous stock of TRFs were retrieved from Stores and distributed to the IPD and OPDs. Staff from other areas of the hospital were mobilized.In OPD sample collection area, patients’ registrations were done by writing Patient-Id, Name, Age, Sex, Sample-Id, Treating department and Test requests in registers. A small sticker was introduced and pasted on the blood collection tubes capturing minimal relevant patient details, treating department codes and sample Id. Duplicates were pasted on OPD cards of respective patients. Traceability of patient Ids and sample Ids were maintained through data entry in registers. In the lab, the LIS were shut down on a precautionary note. Test requests corresponding to each sample Id were programmed directly on the analyzers. When done, print-outs of test results were obtained from the analyzers and hand-written results were entered by data entry operators on the TRFs. Reports were then segregated as per the treating department codes and dispatched to respective places. This continued till partial restoration of HIS services on and from 12th December, 2023. Results Despite best efforts, turn-around-time (TAT) for reports got compromised. IPD reports were prioritized and about 60% of the same could be dispatched by 9 PM same day, rest being delivered by 9 AM, next morning. TAT for OPD reports stretched up to 36 h. Inspite of introducing separate numbering systems with codes for different OPDs and IPDs, about 40% reports could not be traced to the respective OPDs. These reports were collected by the patients’ attendants from the lab itself. Manual report retrieval counters were set up outside the lab. At least 20% reports of the approx. 3000 reports generated per day remained unclaimed even after 30 days. The utilization of lab services also came down by 20%–25% during this period. About 5% reports had to be repeated with fresh samples due to inability to retrieve previous reports. The data generated during this 20-days period could not be stored electronically and hence are not available in our database now. Conclusion Cyberattacks may happen to any institution. Having a strict cyber-security protocol is a must for all institutions. However, having a back-up plan for handling such a crisis should be also in place in case of any eventuality. Sharing our experience is an endeavour to create awareness regarding the prerequisites of such a plan.