Tara Jeffrey
Bluewater Health appears to be the hardest hit of a group of southwestern Ontario hospitals targeted in a crippling cyberattack as officials announced Monday that data on some 5.6 million patient visits has been stolen.
“The attackers targeted a Bluewater Health patient database report,” the group of hospitals said in a joint statement Monday, confirming the theft of the report. “The stolen data includes information about approximately 5.6 million patient visits made by approximately 267,000 unique patients.”
The stolen database report did not include clinical documentation records, officials said, and the hospital is still in the process of identifying and notifying those individuals who were affected.
While it appears that some employee information was affected, officials say they’ve reached the ‘preliminary conclusion’ that no employee or professional staff social insurance numbers or banking information was taken.
“Out of an abundance of caution, since Monday October 30, Bluewater Health has been distributing two years of complimentary credit monitoring to all employees and professional staff,” the statement noted.
The group of hospitals — which also includes Chatham-Kent Health Alliance (CKHA), Erie Shores HealthCare (ESHC), Hôtel-Dieu Grace Healthcare (HDGH) and Windsor Regional Hospital (WRH), and shared service provider TransForm Shared Service Organization — confirmed they did not pay a ransom in connection to the attack, that has impacted patient services since first detected Monday, Oct. 23.
Officials say ‘preliminary conclusions,’ suggest the attack did not involve the theft of databases linked to employee payroll; accounts payable (i.e. vendor payments or payments to professional staff); electronic health record for all institutions other than Bluewater Health; and donor information.
“This incident has affected each institution differently. Some are less severely impacted than others,” the statement added. “The stolen data is in many formats, some of which are easier to analyze.”
The CKHA has confirmed the theft of an employee database report containing information about 1,446 individuals employed as of February 2, 2021.
“If you were employed by CKHA on that date, CKHA believes that your data was taken, including name, address, social insurance number, gender, marital status, date of birth and basic pay rate. This database report does not appear to include professional staff or volunteers,” the update noted, adding that no banking information was stolen.
At ESHC, a limited set of stolen data includes approximately 352 current and past employee social insurance numbers, and at WRH, ‘very limited portion of a shared drive used by hospital staff was accessed by the attacker,’ and no employee or professional staff social insurance numbers or banking information were affected.
Meanwhile, HDGH’s Electronic Health Record was not affected by the incident, and officials believe that no employee or professional staff social insurance numbers or banking information were taken.
The process of determining who is impacted will take time, officials added.
“The teams continue to work around the clock to restore systems. In the coming days, we anticipate providing a timeline on the restoration of operations at our facilities,” the hospital group added.
“We condemn the actions of cyber criminals, in the healthcare sector and elsewhere, in our communities and around the world. We understand the concern this incident has raised within our communities, including patients and our employees and professional staff, and we deeply apologize.”
A patient cybersecurity hotline has been established. For inquiries please call: 519-437-6212 (8 am to 11 pm Monday through Friday). Staff questions can be directed to their HR teams.
For the full statement, click here.