The Hospital for Sick Youngsters, extra generally often known as SickKids, is amongst healthcare suppliers that had been impacted by the latest breach at BORN Ontario.
The highest Canadian pediatric hospital disclosed that as part of its operations, it shares private well being info with BORN Ontario “associated to being pregnant, beginning and new child care.”
The BORN Ontario data breach that impacted 3.4 million individuals was brought on by the exploitation of well-known zero-day vulnerability (CVE-2023-34362) in Progress MOVEIt Switch software program.
SickKids additionally hit by BORN Ontario breach
On Monday, September twenty fifth, SickKids disclosed that it’s “among the many many Ontario healthcare suppliers” that share delicate well being info with BORN Ontario, a perinatal and little one registry that collects, interprets, shares and protects important information about being pregnant, beginning and childhood within the province of Ontario.
Since BORN Ontario was a sufferer of a security incident that affected 3.4 million individuals, as BleepingComputer reported yesterday, SickKids warns that its sufferers and associates might also have been affected.
“We’re among the many many Ontario healthcare suppliers that share private well being info with BORN Ontario associated to being pregnant, beginning and new child care – necessary healthcare encounters that may have an effect on lifelong well being,” states SickKids in its disclosure.
“BORN collects information from healthcare suppliers pursuant to the authority afforded to it within the Private Well being Data Safety Act (PHIPA). BORN Ontario makes use of this info to establish instant care gaps affecting people, hyperlink info to acceptable care suppliers, carry out well being system high quality assurance, and analyze information for rising tendencies.”
Uncovered information of these impacted by the BORN Ontario data breach included, at a minimal:
- Full identify
- Dwelling handle
- Postal code
- Date of beginning
- Well being card quantity
Relying on the kind of care obtained by BORN, the uncovered information might also have included:
- Dates of service/care,
- Lab check outcomes,
- Being pregnant danger elements,
- Sort of beginning,
- Procedures,
- Being pregnant and beginning outcomes
BORN has created a net web page with particulars in regards to the influence the incident has on its sufferers and who is probably going affected by the info theft.
With out revealing extra particulars about what number of SickKids sufferers and associates had been affected, the hospital additionally directed events to go to BORN’s aforementioned webpage, to search out out if they’ve been impacted.
It’s value noting, SickKids might not be the one hospital to be affected by the BORN Ontario security incident, and comparable such disclosures could also be forthcoming from different healthcare suppliers within the upcoming weeks.
December final yr, SickKids was hit by the LockBit ransomware group, who later apologized—blaming the faulty act of focusing on a medical facility on an affiliate, and supplied the hospital a “free decryptor.”
