Officials at Humber River Hospital are scrambling to restore their computer systems after the facility in Toronto’s north end was the target of a ransomware attack.
A statement on the hospital’s website posted earlier in the week said during the early hours of Monday, it experienced a so-called “zero day ransomware of a new malware variant,” forcing staff to declare a code grey (a loss of essential services).
While the emergency department was still operational, some clinics were cancelled and ambulances were redirected.
“Since our systems are constantly updated (most recent patching June 13, 2021) and monitored this was discovered almost immediately and all IT systems were shut down, including our patient health records system,” the statement said, adding while no confidential information was breaking some files were corrupted.
Security engineer Kellman Mengu said ransomware attacks, which involve taking data, files and systems hostage remotely and often for money, are common and can cause massive disruptions for hospital operations.
“We have automated a lot of things in our world and we are now heavily dependent on the technology,” he said.
“I’m willing to bet there aren’t backup paper records easily accessible. Things like patient history and understanding what they have gone through the past for the doctors is critical for them to be able to make medical decisions.
“It’s not just patient records — it’s things like blood work, there are scans, MRIs and there are these huge data files that doctors rely on.”
A letter obtained by the Toronto Star that was reported to be written by a group of emergency physicians at the hospital called on hospital administrators to temporarily shut down the emergency room until the IT systems are restored.
Meanwhile, officials with Humber River Hospital, which was North America’s first all-digital hospital when it opened in 2015, said in a staff memo on Friday they anticipate several systems coming back online in the coming days. However, they’re looking forward to making changes to prevent the situation from happening again.
“We are working as a team to revise existing processes, rethink what work is critical to continue in this moment versus what can be reprioritized for a later point. We are also beginning to think about what recovery might look like and what resources and work might need to be completed as we get back to a point of being completely online.”