Some personal information of Chatham-Kent Health Alliance employees has been confirmed as stolen in the wake of the cyberattack on area hospitals last month.
Officials say they continue to analyze what was stolen.
The CKHA and neighbouring hospital organizations in Windsor-Essex and Sarnia-Lambton were recently the victims of a cyberattack and saw sensitive information stolen and published.
This according to a press release on behalf of the CKHA, Bluewater Health, Erie Shores HealthCare, Hôtel-Dieu Grace Healthcare and Windsor Regional Hospital, and their shared service provider TransForm Shared Service Organization (TFSSO).
In a joint media release, after stating they would not pay a dime in connection with the ransomware attack, they said they are evaluating the data the attack acquired.
“We have made progress in evaluating the affected data and can share some preliminary conclusions. This attack did not involve the theft of databases linked to the following functions: employee payroll, accounts payable (i.e. vendor payments or payments to professional staff), electronic health record for all institutions other than Bluewater Health; and donor information,” the release stated. “The attackers targeted a Bluewater Health patient database report. They also were able to steal data from an operations file server that housed a segmented employee shared drive used by all our hospitals. The shared drive data included patient and employee information of varied amounts and sensitivity.”
CKHA’s electronic health record was not affected by this incident. However, officials said the impacted shared drive did contain some CKHA patient information that CKHA is currently analyzing.
CKHA can confirm the theft of an employee database report containing information about 1,446 individuals employed by CKHA as of Feb. 2, 2021. If you were employed by CKHA on that date, CKHA believes that your data was taken, including name, address, social insurance number, gender, marital status, date of birth and basic pay rate.
This database report does not appear to include professional staff or volunteers.
No banking information was stolen, officials said.
CKHA has been distributing two years of complimentary credit monitoring, on site, since Oct. 30. CKHA will continue to provide this, on site, to current employees for the foreseeable future, and they encourage all employees to sign up.
For past employees included in the database report who have not signed up in person, CKHA will be mailing you a letter with a unique credit monitoring code and instructions.
Officials said the attack has affected each institution differently.
The stolen data is in many formats, some of which are easier to analyze.
At Bluewater Health, officials confirmed the theft of a database report. The stolen data includes information about approximately 5.6 million patient visits made by approximately 267,000 unique patients.
The stolen database report did not include clinical documentation records. BWH is still in the process of determining the precise individuals included in this database report and the data that was taken and will notify those affected in accordance with the law.
While it does appear that information pertaining to employees was affected to some degree, BWH has reached the preliminary conclusion that no employee or professional staff social insurance numbers or banking information was taken.
Out of an abundance of caution, since Monday October 30, BWH has been distributing two years of complimentary credit monitoring to all employees and professional staff.
For Erie Shores HealthCare, the shared drive that got hacked did contain some ESHC patient information that ESHC is currently analyzing.
ESHC has identified a limited set of stolen data that includes approximately 352 current and past employee social insurance numbers. ESHC will be individually notifying those impacted.
No banking information was stolen, officials said.
A very limited portion of a shared drive used by Windsor Regional Hospital staff was accessed by the attackers. The preliminary review indicates that in the shared drive that was breached, some patients were identified by name only or some with a brief summary of their medical condition but not with any patient charts/electronic medical records.
While it does appear that information pertaining to employees was affected to some degree (i.e. staff schedules), WRH has reached the preliminary conclusion that no employee or professional staff social insurance numbers or banking information were affected.
Hôtel-Dieu Grace Healthcare’s electronic health record was not affected by this incident. The breached shared drive did contain some HDGH patient information that HDGH is currently analyzing.
While it does appear that some information pertaining to employees was stolen, HDGH has reached the preliminary conclusion that no employee or professional staff social insurance numbers or banking information were taken.
All hospitals have some degree of patient and employee information affected. All of our hospitals are investigating the stolen data to determine who is impacted.