Advertisement

B.C. health authority hit with ransomware attack

A programmer shows a sample of a ransomware cyberattack on a laptop in Taipei, Taiwan, 13 May, 2017.
A programmer shows a sample of a ransomware cyberattack on a laptop in Taipei, Taiwan, 13 May, 2017. EPA/RITCHIE B. TONGO

Vancouver Coastal Health says it was the victim of a cyberattack this spring.

VCH says hackers used a ransomware program to hit a computer system used for its Employee and Family Assistance Program (EFAP), a counselling and wellness service for VCH workers.

No patient data was included on the computer system, the health authority said.

Read more: Sask. auditor reviewing eHealth cyber security amid ransomware attack

Ransomware is a type of malicious software that locks down computers or networks unless the victim pays the attacker a ransom.

VCH said that as soon as it learned of the May 21 attack, it hired external cybersecurity experts to investigate and reported the incident to B.C.’s information and privacy commissioner.

Story continues below advertisement
Click to play video 'Tips to protect your devices from ransomware malware' Tips to protect your devices from ransomware malware
Tips to protect your devices from ransomware malware – Mar 19, 2018

Read more: RCMP investigating after Manitoba child welfare agency says it was hit with ransomware cyberattack

It says the investigation found no evidence of data being “removed or misused” in the attack. VCH has been able to restore the last five years of data in the system up to February 2020, and partial data from February to May.

According to the health authority, the computer network hosting the EFAP was separate from VCH’s main system and being administered by an independent IT company at the time of the attack.

Read more: Government of Nunavut falls victim to ransomware attack

The EFAP system has since been into VCH’s main network for “ongoing oversight and security protection,” said the health authority.

Story continues below advertisement

VCH is now contacting EFAP clients who used services between 2015 and 2020, and offering them free credit monitoring services.