Shared service supplier TransForm has printed an replace on the cyberattack that not too long ago impacted operations in a number of hospitals in Ontario, Canada, clarifying that it was a ransomware assault.
The group confirms that the attackers managed to steal a database containing info on 5.6 million affected person visits, comparable to roughly 267,000 distinctive people.
TransForm is a not-for-profit, shared service group based by 5 hospitals in Erie St. Clair, Ontario, to handle their IT, provide chain, and accounts payable.
The cyberattack occurred in late October, impacting 5 hospitals working underneath the group’s umbrella, together with Bluewater Well being, additionally an Ontario-based hospital counting on Rework’s providers.
The incident prompted operational disruptions, forcing the healthcare suppliers to reschedule appointments and redirect non-emergency instances to different clinics within the space.
BleepingComputer reached out to the group at the moment however didn’t obtain any particulars about the kind of assault TransForm confronted.
Final week, the publication DataBreaches.reported that the DAIXIN Staff claimed accountability for the assault and the hackers steadily began to leak samples of the information stolen from the hospitals’ networks.
The menace actors said they may cease the leak as they had been extra thinking about promoting it to knowledge brokers.
In an replace yesterday, TransForm confirmed the ransomware assault and that the hackers exfiltrated from their methods. The group additionally made it clear that it doesn’t intend to pay the ransom.
“Bluewater Well being, Chatham-Kent Well being Alliance, Erie Shores HealthCare, Hôtel-Dieu Grace Healthcare and Windsor Regional Hospital, and our shared service supplier TransForm Shared Service Group had been not too long ago the victims of a ransomware assault,” reads the assertion
“We didn’t pay a ransom and we’re conscious that knowledge related to the cyber incident has been printed.” – TransForm
The group defined that the attackers compromised an operations file server that hosted worker knowledge, and in addition shared drive house utilized by the impacted hospitals.
The shared drive has various influence on the hospitals, as every opted to retailer differing kinds and quantities of knowledge in it. Based mostly on the investigation to this point, the influence for every hospital is the next:
- Bluewater Well being: Data on 5.6 million affected person visits comparable to 267,000 distinctive sufferers.
- Chatham-Kent Well being Alliance: Data on 1446 people who labored within the hospital as of February 2021. Contains names, addresses, social insurance coverage numbers, gender, marital standing, date of delivery, and pay charge.
- Erie Shores HealthCare: Data on 352 present and previous workers of the hospital.
- Windsor Regional Hospital: Data on a restricted variety of sufferers, together with names and a quick abstract of their medical situations.
- Hôtel-Dieu Grace Healthcare: Data on some sufferers (at present present process evaluation)
For Bluewater Well being, which had essentially the most knowledge uncovered, the assertion clarifies that the knowledge doesn’t embrace medical information. Nonetheless, the precise contents of the stolen information are nonetheless topic to investigation.
TransForm’s announcement concludes by asking for endurance as the method of figuring out the scope of the influence and the kinds of knowledge which have been uncovered is time-consuming. The group promised to supply common updates on the matter.
