A Toronto Health Network Had A Data Breach & Patient Information Might Have Been At Risk

A group of hospitals in Toronto recently had their servers breached, and patients' personal information might have been accessed during the cybersecurity incident.

On January 25, the Scarborough Health Network's IT team saw there was some unusual activity on its systems, and took steps to contain it and investigate what happened with the help of third-party cybersecurity experts, the public notice reads.

In the investigation, they saw that both past and present patient data might have been accessed on their servers, which includes all patients of pre-amalgamation SHN institutions. This means Birchmount Hospital, Centenary Hospital, Scarborough General Hospital, and the previous Rouge Valley Health System's Ajax-Pickering Hospital were affected.

"We take the privacy and security of business contact and personal information very seriously, and sincerely regret that this Incident occurred," the health network wrote.

"We can confirm that the unauthorized actor was shut out of the system by February 1, 2022. Patient data from February 1, 2022 and onward is not at risk."

So, what data was potentially at risk?

The health network said personal patient information like home addresses, email addresses, phone numbers, vaccine records, OHIP numbers, and insurance policy numbers might have been accessed. Staff and physician names were also included in the list.

While the health network can't exactly point to what data was accessed by the security breach, they said there's no indication that any of the information accessed in the data breach was misused.

SHN is giving a free two-year subscription to TransUnion to any past and current patients, which is an online monitoring service. They also recommend contacting your bank and other relevant government offices to let them know that you might have been affected by this data breach, and to keep an eye out for any suspicious activity in your bank accounts.