The computer system storing confidential health data of the residents of Saskatchewan was attacked over the weekend, disrupting a number of eHealth Saskatchewan’s services, according to eHealth’s website.
The attack on eHealth, which leads all IT services for the Saskatchewan Health Authority, began Sunday morning and is now being examined by the employees of eHealth, Cisco Systems and Microsoft. Jim Hornell, chief executive officer of eHealth Saskatchewan, told the CBC that eHealth staff is assessing 110 servers that may have been attacked.
eHealth said it’s unaware of the amount of time it will take to fix the issue and resume normal operations. Patient data is secure and no information has been stolen, according to Hornell.
The CBC article went on to say that some of the information on the company’s computer system was encrypted and locked by the attackers who demanded a ransom in return for unlocking it. Hornell said he is not aware of specific demands being been made and that eHealth Saskatchewan would not be negotiating with the attackers in any way. The organization has informed the RCMP about the attack.
Healthcare institutions are one of the most popular targets for ransomware attacks. Cybersecurity firm iSecurity’s client base includes companies outside of healthcare, but healthcare is by far the most targeted industry, it told IT World Canada recently. In 2019, nearly 50 per cent of breaches detected and responded to by iSecurity were in healthcare.
In October, ransomware became a national threat in Canada. The Canadian Centre for Cyber Security issued a country-wide alert about Ryuk ransomware, noting it was “affecting multiple entities, including municipal governments and public health and safety organizations in Canada and abroad.”