SHARE ON: |
| |
| |
 |
 |
|
|
More than 500,000 files containing personal information were potentially exposed to a ransomware attack on eHealth Saskatchewan, according to a report by the Information and Privacy Commissioner of Saskatchewan.
The Office of the Information and Privacy Commissioner (OIPC) launched an investigation into the December 2019 cyberattack after eHealth files were sent to suspicious IP addresses in early 2020.
The OIPC said this attack resulted in one of the largest privacy breaches in Saskatchewan.
“eHealth is charged with collecting, storing and protecting the most sensitive health data in our province,” Information and Privacy Commissioner Ron Kruzeniski said. “Each of us has personal health information in eHealth’s systems. It is absolutely reasonable that each citizen demand the very highest level of security on our health information. To accept less is irresponsible.”
During eHealth’s investigation into the incident, it informed the OIPC that the affected servers contained approximately 50 million files across eHealth, the Saskatchewan Health Authority (SHA) and Health. Through a data scan, eHealth determined around 5.5 million of those files may contain personal information.
eHealth said it scanned the 5.5 million files and identified a total of 547,145 files that potentially contain personal information.
The Privacy Commissioner’s report said since there were a minimum of 547,145 files containing personal information exposed, he concluded personal information and personal health information of citizens of Saskatchewan was either exposed to the malware or maliciously stolen from eHealth, the SHA and Ministry of Health.
RANSOMWARE ATTACK
The report states eHealth was exposed to the malware when an SHA employee opened an infected Microsoft Word document while connected to the SHA network on Dec. 20, 2019.
“The infected Microsoft Word document triggered the execution of ransomware on the workstation and a multi-phase exploit took place between December 20, 2019 and January 5, 2020,” the OIPC report states.
On Jan. 21, 2020, the report said eHealth discovered its files were disclosed to “malicious” IP addresses in Germany and the Netherlands. Approximately 40 gigabytes of encrypted data was extracted.
According to the Privacy Commissioner, there were three opportunities where the ransomware could have been detected earlier. If that detection had happened, he said eHealth may have been able to shut down its systems and stop the extraction of data.
The commissioner notes eHealth failed in fully investigating two “early threat occurrences” which may have prevented the extraction of data.
He also said eHealth, the SHA and the Ministry of Health failed in in communicating about the breach due to the “excessive delay” in providing notification.
Additionally, the Commissioner found the SHA did not provide the affected employee with proper IT training.
“Because we are dealing with the most sensitive personal health information, every person who has access to this information needs to be trained, retrained and trained again as to the things they can do and especially the things they cannot do,” Kruzeniski said.
“This incident reveals the tremendous cost of one employee doing something and other employees failing to follow up rigorously on the warnings given.”
RECOMMENDATIONS
The Privacy Commissioner made a number of recommendations for eHealth, the SHA and the Ministry of Health.
He suggests eHealth review its security protocols, including an in-depth investigation into when early signs of suspicious activity are detected.
It is also recommended that the SHA and the Ministry of Health take steps to improve its mass notification systems, including media releases, newspaper notices, website notices and social media alerts.
All three organizations are also asked to work together to provide identity theft protection to those affected by the breach of information, for a minimum of five years.
eHealth is also asked to review if it should have IT security staff in place 24 hours a day, seven days a week, to investigate any potential threats.
Finally, the report recommends the Minister of Health commence independent governance, management and program review of eHealth.
Along with these recommendations, the Commissioner said he acknowledges that “eHealth, the SHA and Health have begun to take the necessary steps to ensure they are protecting the personal information and personal health information of the citizens of this province.”
GOVERNMENT RESPONDS
Minister of Health Paul Merriman said a response to each recommendation will be made within 30 days.
Merriman has ordered an internal review into why the delay happened and also plans to announce an independent review into eHealth in the coming days.
“Some of the initial reasons that I’ve been told is we didn’t know the absolute depth of where this cyberattack is. This was a, as outlined in the report, very sophisticated attack,” Merriman said.
The Minister said no action has been taken against any management or eHealth’s board of directors, but said he is not ruling that out.
“We will also be providing quarterly updates to the Office of the Privacy Commissioner outlining progress on the development and implementations of preventative measures outlined in this report,” Merriman said.
|
 |
|
 |
|
 |
|
 |
7 am |
| 10 ℃ |
| BROKEN CLOUDS |
WIND: SSE 25 KM/H
GUSTING TO 46 KM/H |
|
|
|
8 am |
| 10 ℃ |
| BROKEN CLOUDS |
WIND: SSE 24 KM/H
GUSTING TO 32 KM/H |
|
|
 |
9 am |
| 13 ℃ |
| LIGHT RAIN |
WIND: S 24 KM/H
GUSTING TO 31 KM/H |
|
|
|
10 am |
| 18 ℃ |
| BROKEN CLOUDS |
WIND: WSW 19 KM/H
GUSTING TO 28 KM/H |
|
|
 |
11 am |
| 22 ℃ |
| SCATTERED CLOUDS |
WIND: W 25 KM/H
GUSTING TO 34 KM/H |
|
|
|
12 pm |
| 26 ℃ |
| SCATTERED CLOUDS |
WIND: WNW 28 KM/H
GUSTING TO 44 KM/H |
|
|
 |
1 pm |
| 24 ℃ |
| CLEAR SKY |
WIND: WNW 37 KM/H
GUSTING TO 44 KM/H |
|
|
|
2 pm |
| 24 ℃ |
| CLEAR SKY |
WIND: WNW 33 KM/H
GUSTING TO 41 KM/H |
|
|
|
|
TODAY |
HIGH OF 26 ℃
LOW OF 10 ℃ |
| MODERATE RAIN |
|
|
|
TUESDAY |
HIGH OF 21 ℃
LOW OF 9 ℃ |
| LIGHT RAIN |
|
|
|
WEDNESDAY |
HIGH OF 26 ℃
LOW OF 11 ℃ |
| SCATTERED CLOUDS |
|
|
|
THURSDAY |
HIGH OF 25 ℃
LOW OF 12 ℃ |
| LIGHT RAIN |
|
|
 |
FRIDAY |
HIGH OF 13 ℃
LOW OF 2 ℃ |
| RAIN AND SNOW |
|
|
|
SATURDAY |
HIGH OF 9 ℃
LOW OF 2 ℃ |
| MODERATE RAIN |
|
|
|
SUNDAY |
HIGH OF 7 ℃
LOW OF 2 ℃ |
| RAIN AND SNOW |
|
|
|
MONDAY |
HIGH OF 17 ℃
LOW OF 3 ℃ |
| OVERCAST CLOUDS |
|
|
|
|
|
 |
 |
|
| Waterdrop Mother’s Day Sale - Save Up to $540 Off! |
| |
| Celebrate Mom with healthier hydration! Save up to $540 on Waterdrop filtration systems, water purifiers, and wellness essentials. |
| |
| Mother’s Day savings won’t last -shop Waterdrop now! |
|
 |
|
 |
|
|
 |
 |
AVENGED SEVENFOLD
ST JAMES
07:09 AM |
|
 |
DANCE GAVIN DANCE
DESCEND TO CHAOS
07:04 AM |
|
 |
THE FUNERAL PORTRAIT
CHERNOBYL
07:01 AM |
|
 |
YELLOWCARD
HONESTLY I
06:57 AM |
|
 |
NIRVANA
COME AS YOU ARE
06:54 AM |
|
 |
BRUCE SPRINGSTEEN
BORN IN THE U.S.A.
06:49 AM |
|
 |
ALKALINE TRIO
SCARS
06:43 AM |
|
 |
AWAKING TYLER
UNTIL AGAIN
06:40 AM |
|
 |
THE RED JUMPSUIT APPARATUS
XS FOR EYES
06:37 AM |
|
 |
LANDMVRKS
THE GREAT UNKNOWN
06:33 AM |
|
 
 |
