Canadian health systems recovering from breach that forced thousands of appointment cancellations
Intruders accessed patient and employee data after infiltrating health-related IT systems in a breach that’s only now coming into focus.
A security incident affecting the province of Newfoundland and Labrador, first detected Oct. 30, took down multiple health networks, leading to the cancellation of thousands of appointments, including for chemotherapy treatments. The regional Eastern Health authority, which employees 13,000 people, only Thursday announced that its email system was again functioning.
“As part of the on-going investigation into a cyberattack that impacted health care IT systems in Newfoundland and Labrador, it has been determined that some personal information and personal health information was accessed from the systems,” the provincial government said in a Nov. 9 news release. “A review is ongoing to determine if any other information is affected in the incident and further updates will be provided as appropriate.”
Hackers obtained access to 14 years’ worth of information on current and former Eastern Health patients and employees, and nine years’ worth for Labrador Grenfell Health. Patient information includes name, address, health care number, reason for visit, their doctor and birth date. Employee information may include names, addresses, contact information and Social Insurance numbers, which are similar to U.S. Social Security numbers.
Canadian government officials have not said who is suspected in the latest incident, or whether ransomware was involved.
Attacks on health care have long been among the most urgent in cyberspace, given the potential life and death consequences of the sector going offline. A lawsuit in September alleged that a ransomware incident caused the death of an infant at an Alabama hospital. Meanwhile, at least one ransomware gang has specifically targeted hospitals, expecting them to be more likely to pay quickly given the risks.
In the U.S., the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency on Tuesday issued an alert about software flaws potentially affecting thousands of medical devices.