Security Breach Alert: Personal Data at Risk After Cyberattack on B.C. Health Employer Websites
A recent cyberattack on three websites hosted by the Health Employers Association of British Columbia (HEABC) has raised serious concerns about the security of personal data for thousands of individuals employed or seeking employment in the public health care sector of B.C.
This alarming breach has left many vulnerable to potential identity theft and fraud, prompting immediate action to address the situation.
Michael McMillian, the association’s chief executive officer, stated that stolen information could include social insurance numbers, home addresses, passport, and driver’s license information, as well as other personal data. He stated that 240 thousand email addresses were possibly compromised.
The cyberattack specifically targeted three crucial websites: Health Match B.C., Locums for Rural B.C., and the B.C. Care Aide & Community Health Worker Registry.
These platforms play vital roles in recruiting physicians, nurses, and other health professionals to address the urgent needs of the healthcare sector in British Columbia.
One of the compromised sites was used to recruit physicians, registered nurses, and other health professionals on behalf of health employers. The others helped with vacation coverage for rural doctors and registered care aides working in places including long-term care facilities.
While it’s unclear exactly which information was compromised, McMillian emphasized that no individual health records were affected, and the breach was not caused by ransomware.
Impact on Registration and Assistance
The attack was initially discovered on July 13, and investigations revealed that the hackers had unauthorized access to the system from May 9 to June 10. The incident has been reported to the appropriate authorities, including the police, the Office of the Information and Privacy Commissioner for British Columbia, the Health Ministry, and the Canadian Centre for Cybersecurity.
As a precautionary measure, the online registration for the programs affected has been temporarily suspended. However, applicants can still register by reaching out to administrators directly.
Additionally, HEABC will contact all potentially affected individuals in the coming days, providing them with two years of monitoring services through Equifax to safeguard against potential identity theft.
McMillian stated that the breach has been reported to the police, the Office of the Information and Privacy Commissioner for British Columbia, the Health Ministry, and the Canadian Centre for Cybersecurity.
He claimed that all potentially compromised data had been transferred to a “clean server” with enhanced security. All existing users of the programs, according to Dix, have access to their accounts via temporary websites set up on the clean server.
As the investigation continues and authorities work to hold those responsible accountable, the healthcare community and the public at large remain vigilant about the security of personal data.
Measures to prevent future cyberattacks and protect healthcare workers’ information will be crucial in maintaining the integrity of the public healthcare sector in British Columbia.
Read Next: 505m-Year-Old Fossils Of Oldest Jellyfish Species Discovered
Source: CBC