Exploit: Ransomware
Newfoundland and Labrador Health: Healthcare System
What may be the largest cyberattack in Canadian history crippled the healthcare system of the province of Newfoundland and Labrador on October 30. The ransomware attack hit scheduling and payment systems, causing interruptions in patient care including the cancellation of all non-urgent imaging and medical appointments well as a reduction in chemotherapy sessions and significant complications for the province’s COVID-19 response. Eastern Health reported that their payment systems to suppliers and vendors were also targeted by the attack.
Hackers stole personal information connected to both patients and employees in the Eastern Health and Labrador-Grenfell Health regions of Newfoundland and Labrador’s healthcare system in this attack. The information was accessed through the province’s Meditech data repository, which includes a patient information database as well as core communication tools, such as email.
Key Takeaway: Hacking and ransomware against everything medical was the big trend of 2020 as COVID-19 treatment and research data became valuable in dark web markets. Bad actors will continue to hunt for data from medical sector targets because it often results in a quick harvest of valuable PII and financial information.