Toronto based hospital network Scarborough Health Network (SHN), has confirmed that they suffered a cyber incident that was first noticed on January 25th. Investigations were then conducted, and it was found that both current and past data was likely at risk. The security team working with SHN was able to confirm that the threat actors behind the breach no longer had access after February 1st. Information that was likely accessed when threat actors were in the network includes patients’ names, dates of birth, marital statuses, home addresses, phone numbers, email addresses, OHIP numbers, insurance policy numbers, lab results, diagnosis information, and COVID-19 immunization records. Some employee information may have also been viewable. At this time, SHN does not believe there has been any misuse of the information, but that could change moving forward. Ontario’s information and privacy commissioner has been notified and SHN has vowed to give all patients, past and present, free access to a two-year subscription of identity monitoring and credit fraud monitoring.
By Akshay Rohatgi and Randy Pargman About this Student Research Project Binary Defense’s mission is