AI DevwWrld Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Middle East Low Code No Code Summit TimeAI Summit

Cybersecurity on alert: Canadian clinics in check

Cyber security at risk: Canadian healthcare faces large-scale data breaches

Five Canadian healthcare facilities have been hit by a ransomware attack that caused the leak of sensitive patient and employee data. The Daixin group claimed responsibility for the action. Investigations are underway.

Contribute to spreading the culture of prevention!
Support our cause with a small donation by helping us raise awareness among users and companies about cyber threats and defense solutions.

This pill is also available in Italian language

A number of healthcare facilities in Canada, five to be exact, have confirmed that they were victims of a ransomware-type cyber attack, resulting in the unauthorized disclosure of sensitive data. The affected hospitals include Bluewater Health, Chatham-Kent Healthcare Alliance, Erie Shores HealthCare, Hôtel-Dieu Grace Healthcare and Windsor Regional Hospital, as well as TransForm Shared Service Organization, a company that provides services to the aforementioned facilities.

Leak of sensitive data post-attack

The repercussions of the security breach manifest themselves in the release of patient and employee data from a storage unit shared between the affected entities. Bluewater Health disclosed the theft of a patient database report, which included approximately 5.6 million visits from nearly 267,000 unique patients, as well as information on some employees. Checks are currently underway to identify the individuals involved and establish the nature of the personnel information compromised.

Breach announcement details

The breach exposed detailed data of Chatham-Kent Health Alliance staff as of February 2, 2021, including names, addresses and identifying information. In addition, they stole information from a subset of Erie Shores HealthCare patients and social insurance numbers from approximately 352 current and former employees. However, no medical records or social insurance numbers at Windsor Regional Hospital and Hôtel-Dieu Grace Healthcare appear to have been accessed, and no banking information was stolen.

Reaction of hospitals and responsibility for the attack

The joint commitment of the affected hospitals is taking the form of investigations into the stolen material to quantify the extent of the damage and identify the victims. Meanwhile, the Information and Privacy Commission of Ontario has been notified. Although the party responsible for the attack has not been officially identified, the Daixin group has claimed responsibility for the criminal action, claiming the exfiltration of more than 160 GB of data including thousands of sensitive records such as personal identifying information (PII ) and protected health information (PHI). Similar concerns were raised by the US cybersecurity agency CISA and the FBI in October, which reported a growing threat posed by Daixin ransomware to the healthcare sector.

Follow us on Threads for more pills like this

11/07/2023 10:49

Editorial AI

Complementary pills

Canadian hospitals under cyber attack: suspected ransomwareAn attack that puts the security of sensitive data and the functioning of crucial healthcare facilities at risk

Last pills

LockBit's tenacious activity despite global investigationsChallenges and countermeasures in the war against the LockBit cyber criminal group

Avast fined for illegitimate sale of web dataFines and restrictions imposed on cybersecurity company for misuse of personal data

KeyTrap: DNSSEC flaw discovered by researchersThe vulnerability puts the stability of DNSSEC at risk

Pact between technology companies against electoral manipulationJoint technology initiative to preserve the integrity of democratic voting