Hospital Cyberattack Compromises Data From Decades Ago

Governance & Risk Management , Incident & Breach Response , Security Operations

Ontario Entity Says Patient, Employee Information Affected Marianne Kolbasuk McGee (HealthInfoSec) • May 23, 2022     Arnprior Regional Health says a cyber incident in December affected patient and employee data – some of it decades old.

A cyberattack detected in December at a Canadian healthcare entity has compromised a wide range of data, including some patient information dating back to 1996, as well as employee vaccination records from last year. Some of the affected data belonged to a nonprofit group of affiliated clinicians.

See Also: OnDemand | Spotlight Discussion: Advanced Network Detection & Response

Arnprior Regional Health, which includes a hospital, long-term health facility and other healthcare services in Arnprior, Ontario, Canada, says in a statement posted recently on its website that on Dec. 21, 2021, it learned of unauthorized access to its IT system in which data was “taken.”

“This was a sophisticated attack, similar to countless incidents that are happening across North America,” ARH says in a frequently asked questions document about the incident.

An investigation determined that data connected with ARH, including personal information of some current and former employees and patients, had been taken in the incident, the statement says.

ARH says 13 different – but some overlapping – categories of data were affected in the incident, including various groups of information pertaining to colonoscopies, COVID-19 and flu vaccinations, emergency room and in-patient satisfaction surveys, and

Read more

Explore the site

More from the blog

Latest News