Vancouver Coastal Health says it was the victim of a cyberattack this spring.
VCH says hackers used a ransomware program to hit a computer system used for its Employee and Family Assistance Program (EFAP), a counselling and wellness service for VCH workers.
No patient data was included on the computer system, the health authority said.
Ransomware is a type of malicious software that locks down computers or networks unless the victim pays the attacker a ransom.
VCH said that as soon as it learned of the May 21 attack, it hired external cybersecurity experts to investigate and reported the incident to B.C.’s information and privacy commissioner.
It says the investigation found no evidence of data being “removed or misused” in the attack. VCH has been able to restore the last five years of data in the system up to February 2020, and partial data from February to May.
According to the health authority, the computer network hosting the EFAP was separate from VCH’s main system and being administered by an independent IT company at the time of the attack.
The EFAP system has since been into VCH’s main network for “ongoing oversight and security protection,” said the health authority.
VCH is now contacting EFAP clients who used services between 2015 and 2020, and offering them free credit monitoring services.