UPDATE: eHealth files stolen in ransomware attack
Progress is being made to mend ehealth Saskatchewan’s servers that were involved in a cyberattack.
Ransomware was detected by eHealth’s antivirus software on the morning of Jan. 5. Services like MySaskHealthRecord, which has been temporarily disabled, were impacted.
There is no evidence that confidential patient information was compromised, according to Saskatchewan’s main service provider of health information.
EHealth officials said staff successfully isolated the virus affecting its computer systems.
“EHealth and a special team from Microsoft have now shifted work to restoring applications that eHealth had shut down as a precautionary measure,” said a statement from eHealth on Jan. 16.
“EHealth would like to thank all those impacted for their continued patience and cooperation as work continues to restore full administrative functions within the health system.”
The Information and Privacy Commissioner of Saskatchewan (IPC) said on Jan. 16 it is investigating the cyberattack and potential privacy breach.
IPC officials said their investigation will examine whether an information breach took place and if so, the scope of the breach, the circumstances leading to it, and what, if any, preventative measures eHealth could have taken.
Investigators will also look at ways eHealth can avoid future attacks.
IPC said the report will be made public once its investigation is done.
People with questions can email eHealth at privacyandaccess@eHealthSask.ca or call 1-855-347-5465. Complaints can be filed with IPC at 306-787-0488 or 1-877-748-2298.