Tag: cyberattack

Bluewater Health takes another step forward after cyberattack

Bluewater Health says its current health information system is operational again.

Chief of Communications and Public Affairs Keith Marnoch shared the news with Sarnia News Today on Wednesday.

He said the health information system is working in a limited capacity for core clinical teams.

“Getting to this point really marks a milestone for us internally, because it means that many clinical units can now move away from pen and paper and get back to digital documentation and reporting,” Marnoch said.

Patient, employee and professional staff data was taken in the October breach at shared services provider, TransForm Shared Service Organization.

“Our clinical applications have been coming back online in a phased, and secured, approach, rather than us just flipping a switch and having it come back all at once. This will definitely happen over time, but this has been a deliberate strategy to ensure the highest level of security and stability for our system,” Marnoch said.

He said hospital officials are feeling good about the progress.

“I can honestly say that this has been a huge collaborative effort by all of our teams to get to this point where our health information system has become available and now somewhat operational in a limited capacity for the clinical teams,” he said.

In total, five area hospitals were impacted by the breach.

Bluewater Health cancelled thousands of appointments and later reported that the information of over 250,000 patients, including the Social Insurance Numbers (SIN) of thousands who filed WSIB claims, was compromised.

Marnoch said one of the most obvious backlogs exists in the diagnostic imaging department.

“What they’ve been doing in the last number of months is prioritizing emergency and inpatient cases,” he said. “So, we’ve had to cancel about 8,000 appointments due to the cyberattack, that said, at the same time

Ontario hospital faces slow climb to safe storage of health records after cyberattack

Bluewater Health, hardest hit in a massive cyberattack on five Southwestern Ontario hospitals last fall, is belatedly taking steps to modernize its aging technology for storing and sharing patients’ electronic health records.

The Sarnia-based hospital announced on Jan. 10 that it has selected Oracle Cerner, a large U.S.-based health-records vendor, to build its new patient-records system. The upgraded system will not be up and running until the end of this year.

Bluewater is the only hospital that had its electronic medical records stolen. The other four – Windsor Regional Hospital, Hôtel-Dieu Grace Healthcare, Chatham-Kent Health Alliance and Erie Shores HealthCare – use Oracle Cerner to house their patients’ health records, which is recognized as one of the most advanced and secure systems in the world.

As an interim measure, Bluewater is working on restoring the health-information system it has used for more than 30 years. That system, Meditech, has been shut down since the attack last Oct. 23, leaving Bluewater lagging behind the other four hospitals in getting back online.

The breach forced the hospitals to cancel thousands of diagnostic tests and send cancer patients to other health care centres in London, Toronto and Detroit. Emergency departments became busier than normal.

Patient care is pretty much back to normal at all the hospitals, with the exception of Bluewater, which cares for 131,000 residents of Sarnia-Lambton. Its backlog of appointments for MRIs, CT Scans, mammograms, ultrasounds and other tests had grown to 8,000 as of last week from 5,200 in mid-December, said Bluewater spokesman Keith Marnoch.

“We anticipate that the system will be operational for hospital-wide use in limited capacity within the coming weeks,” he told The Globe and Mail.

The hospital’s leadership had committed back in 2013 to updating its system but never followed through. As a result of that

Proposed class-action lawsuit seeks damages over 2021 cyberattack on N.L. health-care system

Man with white beard with hair to shoulders in dress shirt and shawl over shoulders standing in front of brick house.
Lawyer Bob Buckingham is hopeful the proposed class-action lawsuit will be certified. (Elizabeth Whitten/CBC)

A proposed class-action lawsuit has been filed over the cyberattack on Newfoundland and Labrador’s health-care system that took place in the fall of 2021.

The attack, carried out by cyber-thieves affiliated with the Hive ransomware group, stole both personal medical information as well as employee information from thousands of people.

The Office of the Information and Privacy Commissioner called it the largest hack of its kind in the province, and one of the largest in Canada to date. A report released in May from the office found that security deficiencies were known well before the cyberattack took place and were not corrected by officials.

Lawyers Bob Buckingham and Eli Baker filed a statement of claim at the Supreme Court of Newfoundland and Labrador on Nov. 9 on behalf of two plaintiffs, Fred Harnum and Allison George.

The defendants are listed as Newfoundland and Labrador Health Services and the provincial Department of Health and Community Services.

“People have been terrified about this. People have heard about breaches of privacy in the past, but in this particular case personal, private medical information has been stolen,” Buckingham told CBC News.

He said “nefarious people” were behind the attack and people have been left to wonder how their information might be misused, including to create fake identities.

“And we don’t know, in this particular case, if the government has, you know, paid a ransom on this or if they have any guarantees that the information is not going to be used. People are very worried,” he said.

Buckingham said his firm has been contacted by several people who have been impacted by the breach.

WATCH I Lawyer Bob Buckingham outlines why people are suing after the 2021 health data cyberattack

Data on 267,000 Sarnia patients going back 3 decades among cyberattack thefts at 5 Ontario hospitals

Patients’ information — including the reasons for their visits — going back three decades from Bluewater Health in Sarnia, Ont., and its predecessor hospitals is among the data confirmed stolen in the cyberattack on five southwestern Ontario hospitals.

Transform, the hospital’s IT provider, now confirms a database report containing information on 267,000 patients was taken. The report includes details about “every patient” seen at Bluewater Health and its predecessors since Feb. 24, 1992.

Those predecessor institutions are:

  • Lambton Hospitals Group.
  • Charlotte Eleanor Englehart Hospital of Bluewater Health.
  • Sarnia General Hospital.
  • St. Joseph’s Hospital. 

“We condemn the actions of cyber criminals, in the health-care sector and elsewhere, in our communities and around the world,” Transform said in a statement Thursday that was distributed by the hospitals. 

“We understand the concern this incident has raised within our communities, including patients and our employees and professional staff, and we deeply apologize.”

The database report taken from Bluewater Health includes names and addresses, as well as the reason for the visit and “general notes on prior registrations” among other personal information. 

WATCH | What group claiming it’s behind cyberattack says about how it got into Ontario hospital systems:

According to a blog, cybercriminal group Daixin says it has attacked the hospitals in southwestern Ontario and forced them to go dark. CBC’s Jennifer La Grassa breaks down more details the group shared about how it got into hospital systems.

Cybercriminal group claims responsibility for ransomware attack on hospitals

Featured VideoAccording to a blog, cybercriminal group Daixin says it has attacked the hospitals in southwestern Ontario and forced them to go dark. CBC’s Jennifer La Grassa breaks down more details the group shared about how it got into hospital systems.

Social insurance numbers for about 20,000 patients at Bluewater Health and the other hospitals were

Cyberattack at 5 southwestern Ontario hospitals leaves patients awaiting care

As five southwestern Ontario hospitals grapple with a cyberattack they say has caused delays, some patients and their families say they’ve been left waiting for hours and had procedures cancelled. 

Tianna Giesbrecht says she arrived at the Windsor Regional Hospital’s Met campus by ambulance around 5 p.m. Monday for what she suspects is a problem with her appendix. She says she was still waiting by 2 p.m. Tuesday and was later seen that evening. 

Speaking to a CBC reporter via Facebook Messenger, Giesbrecht says people waiting with her in the hospital have left without being seen. Staff, she says, are using paper records and seem “frustrated.”

“It’s extremely frustrating knowing that our hospitals aren’t better equipped against this sort of thing,” Giesbrecht said, noting she works in IT. 

“Plus it’s scary to think of how many people are in pain and needing help and we just sit here waiting.”

A low angle of a tall, hospital building.
Windsor Regional Hospital’s Ouellette Campus is one of five area hospitals experiencing a cyberattack. (Mike Evans/CBC)

Online services such as patient records and email have been down since Monday morning at the five hospitals — Windsor Regional Hospital, Erie Shores HealthCare, Hôtel-Dieu Grace Healthcare, Bluewater Health and the Chatham-Kent Health Alliance.

The five impacted hospitals are not providing comment on Tuesday. 

The hospitals released a statement Monday night saying that they would be contacting those with care scheduled in the coming days to reschedule or provide other arrangements.

“Also, we would continue to ask if you are not needing emergency care to attend your primary care provider or local clinic to reduce the impact upon the hospitals as we work towards addressing these issues and focus on those needing hospital care,” the hospitals said in a joint statement

“Unfortunately, we may not be able to reach all patients, and we request

Cyberattack on B.C. health employer websites may have taken personal information

A cyberattack on three websites hosted by the Health Employers Association of British Columbia may have seized the personal information of thousands of people working or applying to work in B.C.’s public health care sector.

Michael McMillian, CEO of the association, said stolen information could include social insurance numbers, home addresses, passport and driver’s licence details, along with other personal information. He said 240,000 email addresses alone were possibly taken.

The cyberattack targeted three websites recruiting physicians, nurses and other health professionals: Health Match B.C., Locums for Rural B.C. and the B.C. Care Aide & Community Health Worker Registry.

B.C. has been on a major recruitment drive to attract desperately needed health-care workers to the province. 

One of the compromised sites was used to recruit physicians, registered nurses and other health professionals on behalf of health employers. The others helped with vacation coverage for rural doctors and registered care aides working in places including long-term care facilities.

“I sincerely regret this event happened and I want to reassure everyone that we are working with cybersecurity and privacy experts to address the incident,” said McMillian.

“We know that not all of the information in the potentially affected databases was taken, however, at this time we are not able to conclusively determine which information was involved,” he said.

Individual health records have not been affected and the breach is not associated with a ransomware attack, according to McMillian. For now, anyone wanting to register for the programs won’t be able to do so online but can contact the programs directly, he added.

In the aftermath of the cyberatttack, a message on the BCHEA website says the affected websites are down for maintenance.
In the aftermath of the cyberatttack, a message on the BCHEA website says the affected websites are down for maintenance. (BCHEA)

The CEO said the association will reach out to everyone whose information may have been compromised over the next

Cyberattack disrupts hospitals and health care in the U.S.


Hospitals and clinics in several states on Friday began the time-consuming process of recovering from a cyberattack that disrupted their computer systems, forcing some emergency rooms to shut down and ambulances to be diverted.

Many primary care services at facilities run by Prospect Medical Holdings remained closed on Friday as security experts worked to determine the extent of the problem and resolve it.

John Riggi, the American Hospital Association’s national advisory for cybersecurity and risk, said the recovery process can often take weeks, with hospitals in the meantime reverting to paper systems and humans to do things such as monitor equipment and run records between departments.

“These are threat-to-life crimes, which risk not only the safety of the patients within the hospital, but also risk the safety of the entire community that depends on the availability of that emergency department to be there,” Riggi said.

The latest “data security incident” began Thursday at facilities operated by Prospect, which is based in California and has hospitals and clinics there and in Texas, Connecticut, Rhode Island and Pennsylvania.

“Upon learning of this, we took our systems offline to protect them and launched an investigation with the help of third-party cybersecurity specialists,” the company said in a statement Friday. “While our investigation continues, we are focused on addressing the pressing needs of our patients as we work diligently to return to normal operations as quickly as possible.”

The White House has been monitoring the cyberattack, said Adrienne Watson, a spokesperson for the National Security Council.

Watson also said in a statement that “the Department of Health and Human Services has been in contact with the company to offer federal assistance, and we are ready to provide support as needed to prevent any

N.L.’s privateness watchdog expects cyberattack answers from health authorities by mid-April

Newfoundland and Labrador’s impartial privacy watchdog suggests earlier personnel turnover in the office and the length of time it is using to get responses from provincial health and fitness officials have slowed its investigation of the 2021 cyberattack.

But the office is stressing that a “strong” investigation is ongoing, with timelines that suggest a closing report could be launched this spring.

In a press release issued Thursday morning, the privacy commissioner’s business office mentioned investigators are waiting around for responses to a sequence of thoughts that have been despatched to the province’s four regional health and fitness authorities, the Newfoundland and Labrador Centre for Health Details, and the health and fitness office.

“Our questions to the Section of Well being and Community Expert services, which were disclosed publicly by the provincial govt in a recent court submitting, have been sent to the department’s counsel on Jan. 9,” Sean Murray reported in a statement.

“We hope to obtain the department’s response, as effectively as those of the other general public bodies, no later than mid-April. That is much more than more than enough time to entirely solution our concerns, and I anticipate practically nothing much less than a thorough, specific established of responses.”

Murray, the director of investigate and excellent assurance in the privacy commissioner’s business office, took more than the cyberattack investigation previous 7 days, following commissioner Michael Harvey recused himself from the probe.

Previously this month, the province launched a courtroom action to have Harvey removed from the system, citing problem about “a sensible apprehension of bias” joined to his previous roles with the government.

Harvey was an assistant deputy minister of health and fitness ahead of becoming appointed facts and privacy commissioner in the summertime of 2019. He also served on the board of the Newfoundland and Labrador

N.L. says Hive ransomware group was behind 2021 cyberattack on wellness programs

The Newfoundland and Labrador authorities claims the Hive ransomware group was at the rear of a cyberattack that paralyzed the province’s wellbeing-care system a yr and a half in the past.

But best government officers however is not going to say regardless of whether they paid a ransom.

“We won’t be able to disclose nearly anything about a ask for for a ransom, for protection reasons,” Justice Minister John Hogan informed reporters Tuesday afternoon.

“Once again, that is tips we get from security companies, lawful directions, legal suggestions, and other groups that have experienced this transpire to them.”

U.S. legislation enforcement officials declared in January that they experienced dismantled the Hive ransomware community.

Hogan said that disclosure cleared the way for officers in Newfoundland and Labrador to eventually say who was responsible for the assault that focused their methods 18 months ago.

“Just one of the explanations once again, I want to pressure, that we’re in a position to reveal who the entity is, is for the reason that of the function that was finished in the States by the Office of Justice there,” Hogan mentioned.

“We now know that the danger has been extinguished. So now that that does not exist any additional, we feel we are risk-free to disclose it to the general public. Doing so any before would have still, we felt, put techniques at chance.”

A man wearing a suit looks at the camera and smiles.
Newfoundland and Labrador Justice Minister John Hogan would not say whether the province paid a ransom to cyberattackers in 2021. (Terry Roberts/CBC)

According to U.S. legislation enforcement, the Hive ransomware team specific additional than 1,500 victims all around the planet and gained over $100 million in ransom payments, beginning in June 2021.

American officials stated the FBI had penetrated Hive’s laptop networks because late July 2022, captured its decryption keys, and

Back To Top