Twelve days into a ransomware attack that has upended health-care services at five hospitals in southwestern Ontario, a cybercriminal group claimed responsibility in an online blog, describing how the attack happened and what it says are the millions of private patient records it has stolen.
In a report to Windsor Regional Hospital on Thursday, chief executive officer David Musyj said the hospital is slowly getting back on track, working hard to restore services. He noted although the impacted hospitals “closely examined” the ransom demand from the cybercriminals, they decided against paying it.
“We knew … that we could not trust the promise of a criminal to delete this information,” he said.
“We learned that payment would not speed up the safe restoration of our network.”
It’s the first time Musyj has spoken about the attack, and his message served as a counter to the claims of the cybercriminals, who bragged about the extent of the damage in an online blog.
After the hospitals refused to pay, the hackers followed through on their threat of releasing a portion of private health information.
Details about that exposed personal information, along with the cybercriminal group that has claimed responsibility for the attack, have been released in an article from DataBreaches.net — a website run by a retired licensed health-care professional who lives in New York state.
CBC News spoke with the author of the website and has agreed to keep them anonymous to protect their safety.
The author, who goes by the pseudonym Dissent Doe, said they don’t have expertise in cybersecurity, beyond having reported on the