Ontario hospitals warn stolen patient, employee data may be published

Five Ontario hospitals affected by a recent ransomware attack, along with their shared IT provider, are warning patients and staff that their data may be published.

The attack caused an outage of some online services at Bluewater Health, Chatham-Kent Health Alliance, Erie Shores HealthCare, Hôtel-Dieu Grace Healthcare and Windsor Regional Hospital on Oct. 23.

Affected hospitals have been forced to postpone and reschedule many surgeries and appointments.

The hospitals and TransForm, a non-profit group tasked with overseeing the hospitals’ I-T systems, say an investigation involving “leading cybersecurity experts” has determined certain patient, employee and professional staff data has been taken and may be released publicly.

They say the hospital organizations are working to restore systems, and updates related to the restoration of systems is expected in next week.

The group says its working closely with law enforcement including local police departments, Ontario Provincial Police, INTERPOL and FBI, and it has notified all relevant regulatory organizations including the Ontario Information and Privacy Commissioner.

This report by The Canadian Press was first published Nov. 1, 2023.