Cyber Security

Canadian healthcare provider issues data breach warning after server hack

Canadian healthcare service provider Scarborough Health Network (SHN) has warned that a data breach may have exposed patient healthcare records.

In a breach notice, SHN explained that its IT staff noticed unusual activity on its systems on January 25.

After containing the problem and calling in help from external IT forensics experts, a subsequent investigation discovered that a “subset of data” on a number of SHN’s servers had been accessed by unauthorized parties.

Unnamed hackers were kicked off its systems by February 1, according to SHN. IT security controls and monitoring practices have been upgraded to guard against potential follow-up attacks.

Patient information

The potentially exposed information includes patient names, birth dates, email addresses, home addresses, lab reports, diagnosis information, medical procedure details, insurance policy numbers, details of attending physicians, and more.

The data is limited to patients admitted to an SHN hospital rather than the many more who received vaccinations at SHN-run clinics during the Covid-19 pandemic.

By way of some reassurance, SHN said that it had not detected any abuse of the exposed data. SHN’s breach notice goes on the apologize for the incident and any stress it may have caused to patients.

The healthcare provider said that it had delayed notification of its breach in order to complete its investigation of the cybersecurity incident. The breach was notified to the Office of the Information and Privacy Commissioner of Ontario, Canada.

SHN did not disclose how many records were potentially exposed. The Daily Swig asked the healthcare provider about as well as requesting more detail on the initial vector and mechanism of its January cyber-attack.

No word back, as yet, but we’ll update this story as and when more information comes to hand.

Source: https://portswigger.net/daily-swig/canadian-healthcare-provider-issues-data-breach-warning-after-server-hack

Click to comment

You May Also Like

Cyber Security

The cyberattack that ultimately led to the breach of several U.S. officials’ email accounts was the result of a China-based threat actor accessing a...

Cyber Security

North Korean state-sponsored hackers Lazarus Group have been exploiting a ManageEngine ServiceDesk vulnerability (CVE-2022-47966) to target internet backbone infrastructure and healthcare institutions in Europe...

Cyber Security

The well-known watch manufacturing company Seiko disclosed the data breach notification recently on Aug 2023, targeted by the notorious threat group BlackCat/ALPHV. BlackCat/ALPHV Group has been...

Cyber Security

Privileged users typically hold crucial positions within organizations. They usually have elevated access, authority, and permission levels in the organization’s IT systems, networks, applications,...

Copyright © 2023 Newsworthy News | Global | Political | Local | All News | Website By: Top Search SEO

Exit mobile version