As the fallout from last week's cyberattack against five southwestern Ontario hospitals continues to spread, the organizations confirmed Tuesday that patient information was stolen and they now fear the blackmailers might publish it online. TransForm Shared Service Organization, which runs technology systems for the five affected hospitals, said it is working with local police agencies in the cities where the breaches occurred, Ontario Provincial Police, the FBI, and Interpol as part of a criminal investigation. The cybersecurity breaches - the result of a blackmail attempt - happened at hospitals in Windsor, Leamington, Sarnia, and Chatham-Kent. The organization said it has also notified the Ontario Information and Privacy Commissioner. "Working with leading cybersecurity experts, we have determined through our investigation that certain patient, employee and professional staff data has been taken and there is the possibility that the actors responsible for this attack may publish some of the stolen data," TransForm said in a media release. "We continue to investigate to determine the exact data impacted, and any individuals whose data was affected by this cyberattack will be notified in accordance with the law." The blackmailers targeted the hospitals through TransForm, which runs their IT, supply chain, and accounts payable systems. TransForm and the hospitals did not say if they know where the attackers are based or exactly what their demands were. The attack shut down the hospitals' access to Wi-Fi, email, and patient information systems. Procedures were postponed, hospitals couldn't reach some patients, and staff had to revert to paper charting. Safety issues, such as flagging potentially violent patients, are being documented with paper forms. "We are working closely with law enforcement - including local police departments, Ontario Provincial Police, INTERPOL and FBI - and we have notified all relevant regulatory organizations including the Ontario Information and Privacy Commissioner." The Ontario Nurses' Association said last week that Windsor Regional Hospital had to bring in extra staff and managers to deal with fallout from the cyberattack. The nurses' union also said that Windsor Regional Hospital had implemented its emergency downtime process, a procedure followed when cybersystems malfunction, after being notified of the security breach. With patient information systems offline, the attack left hospitals unable to reach some patients to inform them of what is happening or reschedule appointments. "The hospitals will continue to do their best to contact patients directly in advance if they have a scheduled appointment with one of our hospitals that needs to be rescheduled," TransForm said in the joint statement. "If patients do not need emergency care, we ask that they please attend their primary care provider or local clinic." Attempted blackmail the reason for cyberattack against hospitals. Cyberattack delays hospital appointments in Windsor-Essex, Chatham, Sarnia. "We understand the impact this incident is having on members of our community, including patients and our employees and professional staff, and deeply apologize for the inconvenience this has caused," the organization said.
This Cyber News was published on windsorstar.com. Publication date: Thu, 30 Nov 2023 23:19:27 +0000