Shared service provider TransForm has published an update on the cyberattack that recently impacted operations in multiple hospitals in Ontario, Canada, clarifying that it was a ransomware attack. The organization confirms that the attackers managed to steal a database containing information on 5.6 million patient visits, corresponding to approximately 267,000 unique individuals.
The incident caused operational disruptions, forcing the healthcare providers to reschedule appointments and redirect non-emergency cases to other clinics in the area.
- Bluewater Health: Data on 5.6 million patient visits corresponding to 267,000 unique patients.
- Chatham-Kent Health Alliance: Data on 1446 individuals who worked in the hospital as of February 2021. Includes names, addresses, social insurance numbers, gender, marital status, date of birth, and pay rate.
- Erie Shores HealthCare: Data on 352 current and past employees of the hospital.
- Windsor Regional Hospital: Data on a limited number of patients, including names and a brief summary of their medical conditions.
- Hôtel-Dieu Grace Healthcare: Data on some patients (currently undergoing analysis)
The organization explained that the attackers compromised an operations file server that hosted employee data, and also shared drive space used by the impacted hospitals. The shared drive has varying impact on the hospitals, as each opted to store different types and amounts of data in it.
TransForm’s announcement concludes by asking for patience as the process of determining the scope of the impact and the types of data that have been exposed is time-consuming. The organization promised to provide regular updates on the matter.
