Data stolen in a ransomware attack targeting half-a-dozen Ontario hospitals and healthcare institutions have been published online, the hospitals said Thursday.
“We have become aware that data connected to the cyber incident has been published,” the hospitals said in a statement Thursday. “We are reviewing the data to determine its contents. Working with leading cybersecurity experts, we continue to investigate to determine the exact data impacted.”
On Tuesday, Bluewater Health, Chatham-Kent Health Alliance, Erie Shores HealthCare, Hôtel-Dieu Grace Healthcare and Windsor Regional Hospital, and their shared service provider, TransForm Shared Service Organization, confirmed that they had been targeted in a cybersecurity incident.
The facilities said that the ransomware attack impacted operations and that some patient, employee and professional staff data had been compromised.
It was not immediately clear Thursday which data were published and where.
In the joint statement, the hospitals said that any individuals whose data was affected will be notified, and that the hospitals are working closely with law-enforcement agencies, including local police, OPP, Interpol, and the FBI.
The Ontario Information and Privacy Commissioner has also been notified.
“Our leaders, on advice by our experts that we could not verify claims by the attacker, decided we would not yield to their ransom demands. We are aligned in this position with the governments of 50 nations, including Canada, who have recently pledged to never pay ransom to cybercriminals,” the statement read. “We continue to work around the clock to restore systems, and we expect to have updates related to the restoration of our systems in the coming days.”
Services at the impacted hospitals are still being affected, and the facilities are also working to notify patients whose appointments need to be rescheduled. They are advising those who don’t need emergency care to visit their family doctor or local clinic instead.
“We understand the impact this incident is having on members of our community, including patients and our employees and professional staff, and deeply apologize for the inconvenience this has caused,” the hospitals said.
Cyber attacks on healthcare facilities, have become increasingly frequent over the past few years, with criminals, sometimes locking down key systems and demanding payment for their release or stealing data and threatening to publish it unless a ransom is paid.
Last week Michael Garron Hospital in Toronto implemented a Code Grey following a data security incident. The hospital said there was no known connection to the ransomware attack against the other hospitals. The Code Grey there was cleared Wednesday.
Other hospitals targeted in recent years include Scarborough Health Network, Toronto’s Hospital for Sick Children (SickKids) and Humber River Hospital.