Cybersecurity incident breached 847 patients’ records at Lindsay, Ont. hospital: CEO

Click to play video: 'Cyber threats, AI, deepfakes targeting elections on the rise: CSE'
Cyber threats, AI, deepfakes targeting elections on the rise: CSE
RELATED: The Communications Security Establishment (CSE), Canada's cybersecurity watchdog, is warning that deepfakes generated by artificial intelligence could have an impact on the next federal election. Abigail Bimman looks at how foreign governments could take advantage of these cyber threats, and what Canada needs to do to prepare – Dec 6, 2023

Nearly 850 patient records at Ross Memorial Hospital in Lindsay, Ont., were accessed during what the hospital calls a cybersecurity incident in early February 2023.

On Thursday, hospital president and chief executive officer Kelly Isfan provided an update on the Feb. 5, 2023, cybersecurity incident. She said an investigation by its information technology team and external third-party cybersecurity experts determined that the personal health information of 847 patients was “affected and accessed without authorization.”

Isfan said patients were notified of the incident.

She said the cybersecurity was so extensive that some hospital’s systems — including its legacy MediPatient database — were so severely impacted that some if its applications and data were “rendered unusable.”

The incident prompted a IT Code Grey which included severing access to the internet. Isfan said that within 24 hours, the cybersecurity incident was considered contained.

Story continues below advertisement

She said hospital databases storing legacy health information from the 1960s to Feb. 5, 2023 were either encrypted and/or corrupted due to the cybersecurity incident. The databases affected included admission, discharge information, diagnostic imaging orders, and reports and consultation notes.

The latest health and medical news emailed to you every Sunday.

Corrupted records could include OHIP numbers, demographic information, lab results, diagnostic imaging, surgery results, medication usage, and more.

“Corrupted records include data in a file that may have been accessed without authorization, but it is impossible for RMH to confirm given the nature of the incident and the state in which the data was left, for example, if has become unusable, unreadable or inaccessible,” she said.

“However, if data has been corrupted, RMH does not have any evidence to suggest this information was removed from our systems during the incident.”

Isfan says in most cases, the hospital was successful in restoring records of visits and supporting documentation over the last six decades.

But she notes a subset of these corrupted records may have been impacted “to the point where unfortunately, we are no longer able to access them.”

“Nevertheless, while this patient data may have been subject to unauthorized access, encryption, and/or corruption, there is no indication of any malicious use of PHI as a result of the incident,” she said.

Story continues below advertisement

She said the Information and Privacy Commissioner of Ontario was notified of the incident. Any patient who wishes to file a complain can visit online.

Patients are advised to be diligent in monitoring any accounts for any possible incidents of fraud or identity theft, the hospital said.

The hospital advises connecting with ServiceOntario for any concerns about your health card number by calling 1-800-267-8097 or at online.

Individuals with other inquires about the cybersecurity incident can call the hospital at 705-324-6111 ext. 6284.

Sponsored content