AI DevwWrld CyberDSA Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

Cybersecurity on alert: Canadian clinics in check

Cyber security at risk: Canadian healthcare faces large-scale data breaches

Five Canadian healthcare facilities have been hit by a ransomware attack that caused the leak of sensitive patient and employee data. The Daixin group claimed responsibility for the action. Investigations are underway.

This pill is also available in Italian language

A number of healthcare facilities in Canada, five to be exact, have confirmed that they were victims of a ransomware-type cyber attack, resulting in the unauthorized disclosure of sensitive data. The affected hospitals include Bluewater Health, Chatham-Kent Healthcare Alliance, Erie Shores HealthCare, Hôtel-Dieu Grace Healthcare and Windsor Regional Hospital, as well as TransForm Shared Service Organization, a company that provides services to the aforementioned facilities.

Leak of sensitive data post-attack

The repercussions of the security breach manifest themselves in the release of patient and employee data from a storage unit shared between the affected entities. Bluewater Health disclosed the theft of a patient database report, which included approximately 5.6 million visits from nearly 267,000 unique patients, as well as information on some employees. Checks are currently underway to identify the individuals involved and establish the nature of the personnel information compromised.

Breach announcement details

The breach exposed detailed data of Chatham-Kent Health Alliance staff as of February 2, 2021, including names, addresses and identifying information. In addition, they stole information from a subset of Erie Shores HealthCare patients and social insurance numbers from approximately 352 current and former employees. However, no medical records or social insurance numbers at Windsor Regional Hospital and Hôtel-Dieu Grace Healthcare appear to have been accessed, and no banking information was stolen.

Reaction of hospitals and responsibility for the attack

The joint commitment of the affected hospitals is taking the form of investigations into the stolen material to quantify the extent of the damage and identify the victims. Meanwhile, the Information and Privacy Commission of Ontario has been notified. Although the party responsible for the attack has not been officially identified, the Daixin group has claimed responsibility for the criminal action, claiming the exfiltration of more than 160 GB of data including thousands of sensitive records such as personal identifying information (PII ) and protected health information (PHI). Similar concerns were raised by the US cybersecurity agency CISA and the FBI in October, which reported a growing threat posed by Daixin ransomware to the healthcare sector.

Follow us on Twitter for more pills like this

11/07/2023 10:49

Marco Verro

Complementary pills

Canadian hospitals under cyber attack: suspected ransomwareAn attack that puts the security of sensitive data and the functioning of crucial healthcare facilities at risk

Last pills

Zero-day threat on Android devices: Samsung prepares a crucial updateFind out how Samsung is addressing critical Android vulnerabilities and protecting Galaxy devices from cyber threats

CrowdStrike: how a security update crippled the tech worldGlobal impact of a security update on banking, transportation and cloud services: what happened and how the crisis is being addressed

Checkmate the criminal networks: the Interpol operation that reveals the invisibleFind out how Operation Interpol exposed digital fraudsters and traffickers through extraordinary global collaboration, seizing luxury goods and false documents

Google Cloud security predictions for 2024: how AI will reshape the cybersecurity landscapeFind out how AI will transform cybersecurity and address geopolitical threats in 2024 according to Google Cloud report