Ontario government still silent after hospital ransomware attacks

Share post:

Six days after being asked for comment, the government of Ontario is still considering a public response to recent cyber attacks on hospitals in the province.

Last week, an IT World Canada reporter asked for comment from the Ministry of Public and Business Service Delivery on the ransomware attack on five southwestern Ontario hospitals that share an IT services provider, and a cyber attack on a Toronto hospital.

However, while a spokesperson for the department says it is considering a response, none has been received.

The request was made to the ministry because last year it received a report from an expert panel on cybersecurity in the provincial broader public sector, which includes hospitals, municipalities and school boards. In response to that report, the government said it “accepted recommendations outlined in the final report.” However, no timeline for implementing the recommendations was given.

“Work is underway to assess and implement measures that will improve and strengthen the province’s cyber security ecosystem,” the government said at the time.

In the initial request for comment on Nov. 9, the department was asked for an interview with Minister Todd McCarthy. We were told he was not available, and were asked to submit written questions. Those questions include asking what the government has been doing since it learned of the attacks, and whether these successful attacks meant these incidents are evidence that the government hasn’t done enough to improve cybersecurity in the broader public sector.

The Nov. 9 request for comment came after the provincial information and privacy commissioner said it has opened an investigation into the ransomware attack on the southwestern Ontario hospitals.

Asked yesterday when a response is coming, Jeffrey Stinson, the department’s digital and social media advisor, replied in an email that the department is “working to address your questions and provide a fulsome response as soon as possible.” Over 24 hours later there was still no response.

The ransomware attack by Daixin Team through IT provider TransForm Shared Service on the five hospitals — Bluewater Health of Sarnia, Chatham Kent Health Alliance, Erie Shores HealthCare of Leamington, Hôtel-Dieu Grace Healthcare and Windsor Regional Hospital — took place on Oct. 23.

The hospitals are still weeks away from full recovery of IT-related services. According to CBC News, Windsor Regional Hospital is manually processing pay for thousands of staff — and is warning employees there may be errors.

According to The Windsor Star, stolen data publicly posted by the ransomware gang contains what it calls deeply personal information about hundreds of hospital patients. The news service also said Windsor Regional Hospital had to send cancer treatments to Kitchener as a result of the attack.

Separately, Toronto’s Michael Garron Hospital said it had suffered a cyber attack. In a Nov. 8 update, the hospital said it didn’t pay a ransom. It said some personal data of hospital employees and credentialed clinicians employed from January 2015 to November 2023 was stolen. The information includes home addresses, social insurance numbers, bank account numbers (for employees on direct deposit) and earnings information for affected employees and home addresses, social insurance numbers and earnings information for affected credentialed clinicians.

The post Ontario government still silent after hospital ransomware attacks first appeared on IT World Canada.
Howard Solomon
Howard Solomonhttps://www.itworldcanada.com
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

Featured Tech Jobs


Related articles

Cyber Security Today, Dec. 4, 2023 – A warning to water treatment utilities, a boot vulnerability could affect millions of PCs, and more.

This episode  reports on a campaign against critical infrastructure using PLCs, a vulnerability in PCs

Cyber Security Today, Week in Review for Friday, December 1, 2023

This episode features a discussion on ransomware, the latest explanation from Okta of a support hack and a survey of infosec pros whose firms w

Cyber Security Today, Dec. 1, 2023 podcast – More on Booking.com compromises

This episode reports on the sanctioning of the Sinbad crypto mixe

All Okta customer support users had their email addresses copied

Identity and access provider Okta now says the threat actor who accessed its customer help desk system last month got the names and email addresses of all contacts of organizations that use its support system. Originally, the company said that, after an investigation, it determined only one per cent of the contacts from its 18,000

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways