Saskatoon gynecology clinic hit with ransomware attack: report
A ransomware attack on a Saskatoon obstetrics and gynecology clinic left the personal health information of up to 20,000 patients in the hands of malicious hackers, according to the province's privacy watchdog.
In a report issued in September, Privacy Commissioner Ronald Kruzeniski said the attack targeting Saskatoon Obstetric and Gynecologic Consultants resulted from a staff member opening a malicious email attachment at their workstation in late December 2020.
On Christmas Eve, staff were alerted by external IT providers they were locked out of their systems, with hackers demanding payment to unlock the data, says Kruzeniski.
The clinic proceeded to shut down its local network and internet connectivity, then hired outside consultants the Security Resource Group to investigate the issue. A lawyer hired by the clinic proactively disclosed the breach to the privacy commissioner.
By early January 2021 the security firm had reached a settlement with the hackers, with the clinic paying for the decryption software to unlock their system.
The security consultants then monitored the dark web for indications the health data was released anyway. Nothing turned up as of the publication of the report, according to Kruzeniski.
In a statement to CTV News Saskatoon, the clinic said it considers the risk to patients low given the steps taken to mitigate the risk.
“Saskatoon Obstetric and Gynecologic Consultants takes the privacy of its patients and this incident very seriously. As soon as [the clinic] … became aware of the incident, it took immediate and comprehensive steps including engaging cybersecurity experts to investigate and contain the incident.”
There is no evidence that any patient information has been misused as a result of the incident, the statement says.
Kruzeniski found that although the clinic was proactive in reporting the breach to his office and the Saskatoon police, it has not been able to contain the breach or provide sufficient notice to the affected patients, nor was it able to fully investigate the ransomware attack.
With no guarantee the attackers did not keep copies of the data, Kruzeniski recommends the clinic continue monitoring the dark web for five years for any sign of its patients’ data.
In his report, the privacy commissioner describes the dark web.
“The dark web is well known due to media reporting on illicit activity that occurs there. Malicious actors use the dark web to communicate about, sell, and / or distribute illegal content or items such as drugs, illegal weapons, malware and stolen data,” Kruzeniski says.
“However, just like the surface web, there are several legitimate activities on the dark web as well, including accessing information, sharing information, protecting one’s identity and communicating with others.”
RANSOMWARE MORE COMMON, SAYS TECH EXPERT
There are a few things that can be done to mitigate the risk of a ransomware attack, says Chad Jones, a former Apple engineer and current owner of Push Interactions in Saskatoon.
“You have to look at this criminal enterprise as a business. If there’s not a good return on investment for them to attack your system, they’ll move on to a system that’s more vulnerable.”
Even in the banking industry, they realise that if someone wants in, and they have enough time and resources, they’ll probably find a way, he says.
“Fortunately most of these thieves only have limited resources.”
In the ransomware world, payments are generally made in cryptocurrency, said Jones. It’s not uncommon to see ransoms higher than $50,000 paid out to these criminal groups.
There does at least seem to be some honour among thieves in this industry, he says.
“The one good thing that I can say about these ransomware attackers: they’re pretty good at getting you back up and running.”
CTVNews.ca Top Stories
BREAKING Canadian killed near Gaza border after threatening forces with knife: Israeli police
Israeli police say a Canadian citizen was killed Monday after threatening Israeli security forces with a knife near the Gaza border.
Harris looks to lock up Democratic nomination after Biden steps aside, reordering 2024 race
U.S. Vice President Kamala Harris moved swiftly to lock up Democratic delegates behind her campaign for the White House after President Joe Biden stepped aside amid concerns from within their own party that he would be unable to defeat Donald Trump.
What to know about the Canadian ties of Kamala Harris, Biden's choice for successor
U.S. President Joe Biden is stepping aside as the Democratic candidate in that country's November election and throwing his support behind Vice President Kamala Harris -- a Montreal-area high school graduate who spent several years in the city.
The pilot who died in crash after releasing skydivers near Niagara Falls has been identified
NEW YORK (AP) — Officials on Sunday released the name of a pilot who died in a skydiving flight after her passengers jumped from the aircraft near the Niagara Falls.
Markets bet on second Bank of Canada interest rate cut coming this week
Economists and market watchers are betting the Bank of Canada will deliver another interest rate cut this week amid mounting evidence that inflation is sustainably easing.
10,000 unionized employees return to work, stores to reopen Tuesday: LCBO
Workers are back on the job today at Ontario's main liquor retailer, but the Liquor Control Board of Ontario says stores won't be open for business until Tuesday.
Canadian musicians struggle to get visas to perform in the U.S., some cancel shows
Backlogs and processing delays of temporary U.S. visas required by entertainers, athletes and artists has forced some Canadian bands to cancel U.S. tour dates because paperwork wasn't processed in time.
Mom wants quicker reform on disaster preparations, one year after flood took son
The mother of a boy who died a year ago in a Nova Scotia flood says her grief returns daily, along with frustration over what she considers the province's slow pace in reforming its preparations for climate disasters.
Ottawa man waiting nearly a year for car to be fixed at Acura dealership
An Ottawa man says he’s been waiting nearly a year for his car to be repaired after it was damaged during a storm in August.