Toronto’s Humber River Hospital hit by ransomware

One of the country’s biggest and newest hospitals has been hit by ransomware.

Toronto’s 722-bed Humber River Hospital, which serves the northwest sector of the city, said today it’s the latest Canadian organization to be victimized. Opened in 2015, it was said at the time to be North America’s first digital hospital.

In a news release, the hospital noted that about 2 a.m. on Monday it suffered what it called “a zero-day ransomware of a new malware variant.”

According to hospital public affairs director Joe Gorman, the IT network was immediately shut.

“Since our systems are constantly updated (most recent patching June 13) and monitored this was discovered almost immediately and all IT systems were shut down, including our patient health records system,” the hospital said in a statement. “Ransomware usually encrypts files and then once most are encrypted asks for ransom. Since we shut down quickly, encryption is not an issue, although we are dealing with some corrupt files.

“The IT department has been working with an external recovery firm who are assisting by being in the facility and online with the recovery planning. We have over 5,000 computers (800 of which are servers) each will be restarted manually; the patch (just developed by Symantec) will be added to each computer and then each system recovered as required. We will bring systems back online in a staggered approach over the next 48 hours. It is important to know that no confidential information was released.”

The news release also says a number of clinics have been cancelled and concierge staff are assisting impacted patients. Surgeries will continue as planned and emergency department services are still running but on “ambulance redirect.”


Humber River’s iPlan solution

In the interview, Gorman said the attack hasn’t affected the institution’s COVID-19 vaccination site, which is located in an arena several blocks from the hospital. Yesterday the site handled 2,000 patients, and he expects the same number will be vaccinated today.

“There are longer waits than usual to our standards” in the emergency ward, Gorman added. “We have posted outside the hospital that due to unforeseen circumstances the wait could be longer [than normal.]”

No ransomware note has yet been sent by the attackers, Gorman said. He believes the IT department has identified the ransomware variant.

As for the restoration of IT service, Gorman was optimistic. “Hopefully by tonight part of it will be back up and by tomorrow afternoon the rest of it will be up.”


Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@]

Featured Articles

ADaPT connects employers with highly skilled young workers

Help wanted. That’s what many tech companies across Canada are saying, and research shows...

Unlocking Transformation: IoT and Generative AI Powered by Cloud

Amidst economic fluctuations and disruptive forces, Canadian businesses are steering through uncharted waters. To...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now