Saskatoon gynecology clinic hit with ransomware attack: report
A ransomware attack on a Saskatoon obstetrics and gynecology clinic left the personal health information of up to 20,000 patients in the hands of malicious hackers, according to the province's privacy watchdog.
In a report issued in September, Privacy Commissioner Ronald Kruzeniski said the attack targeting Saskatoon Obstetric and Gynecologic Consultants resulted from a staff member opening a malicious email attachment at their workstation in late December 2020.
On Christmas Eve, staff were alerted by external IT providers they were locked out of their systems, with hackers demanding payment to unlock the data, says Kruzeniski.
The clinic proceeded to shut down its local network and internet connectivity, then hired outside consultants the Security Resource Group to investigate the issue. A lawyer hired by the clinic proactively disclosed the breach to the privacy commissioner.
By early January 2021 the security firm had reached a settlement with the hackers, with the clinic paying for the decryption software to unlock their system.
The security consultants then monitored the dark web for indications the health data was released anyway. Nothing turned up as of the publication of the report, according to Kruzeniski.
In a statement to CTV News Saskatoon, the clinic said it considers the risk to patients low given the steps taken to mitigate the risk.
“Saskatoon Obstetric and Gynecologic Consultants takes the privacy of its patients and this incident very seriously. As soon as [the clinic] … became aware of the incident, it took immediate and comprehensive steps including engaging cybersecurity experts to investigate and contain the incident.”
There is no evidence that any patient information has been misused as a result of the incident, the statement says.
Kruzeniski found that although the clinic was proactive in reporting the breach to his office and the Saskatoon police, it has not been able to contain the breach or provide sufficient notice to the affected patients, nor was it able to fully investigate the ransomware attack.
With no guarantee the attackers did not keep copies of the data, Kruzeniski recommends the clinic continue monitoring the dark web for five years for any sign of its patients’ data.
In his report, the privacy commissioner describes the dark web.
“The dark web is well known due to media reporting on illicit activity that occurs there. Malicious actors use the dark web to communicate about, sell, and / or distribute illegal content or items such as drugs, illegal weapons, malware and stolen data,” Kruzeniski says.
“However, just like the surface web, there are several legitimate activities on the dark web as well, including accessing information, sharing information, protecting one’s identity and communicating with others.”
RANSOMWARE MORE COMMON, SAYS TECH EXPERT
There are a few things that can be done to mitigate the risk of a ransomware attack, says Chad Jones, a former Apple engineer and current owner of Push Interactions in Saskatoon.
“You have to look at this criminal enterprise as a business. If there’s not a good return on investment for them to attack your system, they’ll move on to a system that’s more vulnerable.”
Even in the banking industry, they realise that if someone wants in, and they have enough time and resources, they’ll probably find a way, he says.
“Fortunately most of these thieves only have limited resources.”
In the ransomware world, payments are generally made in cryptocurrency, said Jones. It’s not uncommon to see ransoms higher than $50,000 paid out to these criminal groups.
There does at least seem to be some honour among thieves in this industry, he says.
“The one good thing that I can say about these ransomware attackers: they’re pretty good at getting you back up and running.”
CTVNews.ca Top Stories

'Big, dark canvas of despair': Rick Hansen speaks on how his mindset changed after being paralyzed
Rick Hansen's life changed the day he was told he'd never walk again, but instead of letting his disability stand in his way, he became an advocate for accessibility rights and a Paralympic Athlete. Here's how that happened.
Sandie Rinaldo: Rick Hansen marks the 50th anniversary of his life-changing accident by visiting the scene
Rick Hansen lost the use of his legs in a truck accident when he was just 15 years old, CTV National News anchor, Sandie Rinaldo interviewed him recently while visiting the place where his life changed irrevocably.
Alleged Montreal-area 'Chinese police stations' planning to sue RCMP for $2.5 million
Two Chinese community centres in the Montreal area are planning to launch a $2.5 million defamation lawsuit against the RCMP and the Attorney General of Canada after being accused by the police force of hosting 'alleged Chinese police stations.'
Lawyer in Ali murder trial says 13-year-old B.C. victim was not an 'innocent'
Ibrahim Ali's lawyer says the 13-year-old girl he's accused of murdering in a British Columbia park wasn't the “innocent” depicted in a “rose-coloured” portrayal by the Crown at trial.
'I cry all the time': Nova Scotia couple returns after 40 days in Gaza
It has been five days since Palestinian-Canadian couple, Khalil and Nabila Manna, returned from visiting relatives in Gaza, but while the couple planned to visit for a short-period of time, the Israel-Hamas conflict left them stranded for 40 days
With Canada set to reimpose cap on working hours, international students worry about paying for tuition, living expenses
Canada is set to reimpose the cap on the number of hours that international students can work off campus. But with heightened cost-of-living concerns in Canada, many international students say they're not sure how they'll be able to afford their tuition and living expenses if they can't work full-time.
Inmate stabbed Derek Chauvin 22 times, charged with attempted murder, prosecutors say
A federal inmate was charged Friday with attempted murder in the prison stabbing of Derek Chauvin, the former Minneapolis police officer convicted of murdering George Floyd.
'Jumped over their heads': Kangaroo escapes Ontario zoo during overnight stay
The search for a kangaroo that escaped an Ontario zoo will resume on Saturday morning, according to staff and volunteers.
Mild, rainy winter expected as Canada warms at twice the global rate
Winter will be unusually warm and rainy across much of the country this year, according to the latest data from Environment and Climate Change Canada.