Info from 56 million patient visits among data stolen in ransomware attack on Ontario hospitals CBC News
pA database containing information on 56 million patient visits to Bluewater Health and the social insurance numbers of as many as 1446 ChathamKent Health Alliance employees are among the data taken in the ransomware attack on five southwestern Ontario hospitals officials said in a lengthy update Monday ppThe update including specific information about what was stolen from each hospital comes after some data was published by the hackers online ppAll hospitals have some degree of patient and employee information affected the hospitals said in a joint afternoon statement All of our hospitals are diligently investigating the stolen data to determine who is impactedppThe cyberattack on Oct 23 has led to a system outage involving patient records email and more at Windsor Regional Hospital Erie Shores HealthCare HôtelDieu Grace Healthcare Bluewater Health and ChathamKent Health Alliance It has also delayed appointments for patientsppNeither the hospitals nor TransForm the hospitals IT and payroll administration organization which is at the centre of the attack have paid ransom demanded by attackers ppTransForm says anyone whose data has been compromised will be contacted directly ppAccording to the joint statement from the hospitals attackers were able to steal data from a shared file server that included patient data of varied amounts and sensitivityppThe stolen data is in many formats some of which are easier to analyze officials said in their statement ppAlso targeted was a Bluewater Health patient database report ppNot stolen in the attack are databases related to employee payroll accounts payable electronic health record information at hospitals other than Bluewater Health and donor information ppThe hospitals called the information released Monday an initial update on what is known to date saying that analysis is still ongoingppThe hospitals are all offering free credit monitoring to their employees and professional staff Past employees whose information may have been affected like at CKHA can sign up in person at the hospital or will receive a letter with instructions ppThe hospitals said they anticipate an update on the restoration of systems in the coming days and they have reported findings to the Ontario Information and Privacy Commissioner ppThe hospitals have set up a cybersecurity hotline for questions from patients at 5194376212 with hours from 8 am to 11 pm Monday to Friday Staff can direct questions to their HR teams ppWe condemn the actions of cybercriminals in the healthcare sector and elsewhere in our communities and around the world officials said We understand the concern this incident has raised within our communities including patients and our employees and professional staff and we deeply apologizeppThe update from the hospitals comes after another bunch of sensitive patient data was released onto the dark web by the cybercriminal group that has claimed responsibility for the attack according to the author of a site that tracks data breaches ppThis is the third round of data that has been published after the five hospitals agreed not to pay a ransomppThe first round of data which included scans of patient information like records and claims was published on Nov 1 The second round of data published on Friday included COVID19 vaccine records including names and in some cases their reactions to vaccines ppThis third round of data according to DataBreachesnet a blog that covers cyberattacks was released on Sunday ppCBC News has not independently verified the claims in the blog but has verified the identity of the author of the website An expert told CBC while the author who uses the pseudonym Dissent Doe has a track record of credibility specific claims made by hackers should be taken with some skepticism ppThe author of Databreachesnet says through email the cybercriminal group Daixin took responsibility for the attack last week ppAccording to Dissent the third round of data includes some personnel information sensitive patient information and ITrelated data ppThey say this involves discharge data on patients between 2013 and 2015 as well as survey responses patient complaints and internal hospital reviews that have been done ppDissent writes that their description of what data was leaked is intended to remind the public what can happen when threat actors can gain access to a network and why entities need to really evaluate whether they have adequate security for sensitive files ppDissent adds in their blog that there is still another part of the data that Daixin hasnt yet dumped and that is databases ppDuring a news conference in Toronto on Monday Minister of Health Sylvia Jones said Ontario Provincial Police continue to investigate the cyberattack ppWithout a doubt we are very concerned when any type of patient access is compromised and we continue to support those hospitals to make sure that as they work through finding out exactly where the breach was and ensuring that doesnt happen again Jones said ppAudience Relations CBC PO Box 500 Station A Toronto ON Canada M5W 1E6 ppTollfree Canada only 18663064636ppIt is a priority for CBC to create products that are accessible to all in Canada including people with visual hearing motor and cognitive challengesppClosed Captioning and Described Video is available for many CBC shows offered on CBC Gemppp