Skip to main content

Data connected to hospital cyberattack has been published: hospital officials


Windsor-Essex and Chatham-Kent hospital officials say data connected to a cyberattack has been published.

Bluewater Health, Chatham-Kent Health Alliance, Erie Shores HealthCare, Hôtel-Dieu Grace Healthcare, Windsor Regional Hospital, and the shared service provider TransForm Shared Service Organization were recently the victims of a ransomware attack that impacted operations as well as certain patient, employee and professional staff data.

“We have become aware that data connected to the cyber incident has been published. We are reviewing the data to determine its contents,” said a news release on Thursday.

Hospital officials said they are working with leading cybersecurity experts to continue to investigate to determine the exact data impacted. Any individuals whose data was affected by this cyberattack will be promptly notified, in accordance with the law.

“We are working closely with law enforcement – including local police departments, Ontario Provincial Police, INTERPOL, and FBI – and we have notified all relevant regulatory organizations including the Ontario Information and Privacy Commissioner,” said the statement.

“It is from a cybersecurity perspective, a doomsday scenario for everyone involved,” said CTV technology expert Carmi Levy.

The statement said their leaders, on advice by experts that they could not verify claims by the attacker, decided they would not yield to their ransom demands.

“The best practice is don't pay, never pay, always draw a line in the sand and so what we're seeing here is really a textbook response,” said Levy, alluding to the International Counter Ransomware Initiative (CRI), which met in Washington at the White House Wednesday.

The alliance, of which there are 50 member nations (including Canada) is developing the first-ever joint policy statement declaring that member governments should not pay ransoms.

“As soon as you pay a ransom in a ransomware attack scenario, you telegraph to cyber criminals that you're willing to pay,” said Levy. “So it means they're even more likely now to come after you again and the data bears that out.”

While most cyber-attacks go unreported, seven per cent of Canadian victims reported last year were health care organizations, according to the Canadian Centre for Cyber Security.

Levy said protection against future attacks and ensuring hospitals have proper IT resources needs to be top of mind for all lifeline institutions across Canada.

“They're watching what's happening here and learning from this experience, and that ultimately is how we're going to get ahead of the cyber criminals, learn from experiences like this, do better next time,” Levy said.

Meantime, hospitals are doing their best to contact patients directly in advance if they have a scheduled appointment with one of the hospitals that needs to be rescheduled. They are also asking patients who do not need emergency care to attend a primary care provider or clinic.

“We continue to work around the clock to restore systems, and we expect to have updates related to the restoration of our systems in the coming days,” said the statement.

“We understand the impact this incident is having on members of our community, including patients and our employees and professional staff, and deeply apologize for the inconvenience this has caused. We want to thank everyone for their patience during this time,” said the hospitals. Top Stories

Stay Connected