Bluewater Health says up to 20,000 patients’ social insurance numbers taken in the ransomware attack.
The Oct.23 attack locked five southwestern Ontario hospitals out of their computers leading to surgeries, appointments and cancer treatment being delayed or cancelled.
The hospital, in a news release Thursday afternoon confirmed the theft of a database report containing information about 267,000 patients dating to 1992.
The report included information about every patient seen since February 24, 1992 at:
- Bluewater Health;
- Lambton Hospitals Group;
- Charlotte Eleanor Englehart Hospital;
- Sarnia General Hospital; and
- St. Joseph’s Hospital.
The database report may include patients:
- Contact information;
- Date of birth;
- Basic demographic information;
- Reason for visit; and
- General notes on prior registrations.
Bluewater Health 20,000 patients social insurance numbers were also stolen.
Bluewater Health will directly notify all those whose SIN was included in the database report, and will provide them with two years of credit monitoring.
Bluewater Health is one of five hospitals affected by the ransomware attack the the group call Daixin in southwestern Ontario.
See more here
: 20,000 SIN number stolen in Lambton hospital hack
The hospitals and health care providers share IT, supplies and accounting services through TransForm Services.
Those affected have the right to file a complaint with Ontario Information and Privacy Commissioner. They can be reached at https://www.ipc.on.ca/privacy-individuals/filing-a-privacy-complaint/.
A patient cybersecurity hotline has been established at 519-437-6212 (8 am to 11 pm Monday through Friday). Staff questions can be directed to their HR teams.