Written by Tim Starks
Nov 10, 2021 | CYBERSCOOP
Intruders accessed patient and employee data after infiltrating health-releated IT systems in a breach that’s only now coming into focus.
A security incident affecting the province of Newfoundland and Labrador, first detected Oct. 30, took down multiple health networks, leading to the cancellation of thousands of appointments, including for chemotherapy treatments. The regional Eastern Health authority, which employees 13,000 people, on Tuesday announced that its email system was again functioning, more than a week after the initial compromise became known.
“As part of the on-going investigation into a cyberattack that impacted health care IT systems in Newfoundland and Labrador, it has been determined that some personal information and personal health information was accessed from the systems,” the provincial government said in a Nov. 9 news release. “A review is ongoing to determine if any other information is affected in the incident and further updates will be provided as appropriate.”
Hackers obtained access to 14 years’ worth of information on current and former Eastern Health patients and employees, and nine years’ worth for Labrador Grenfell Health. Patient information includes name, address, health care number, reason for visit, their doctor and birth