Published Nov 03, 2023 • 2 minute read
The masterminds behind the ongoing cyberattack against five southwestern Ontario hospitals have dumped another round of sensitive patient data onto the dark web.
The second instalment of stolen information appeared online on Friday.
Article content
Brett Callow, a threat analyst with the international cybersecurity firm Emsisoft Ltd., said posting the information in stages is part of a strategy to keep pressure on the hospitals and force them to pay the ransom.
THIS CONTENT IS RESERVED FOR SUBSCRIBERS ONLY
Subscribe now to read the latest news in your city and across Canada.
- Unlimited online access to articles from across Canada with one account.
- Get exclusive access to the Windsor Star ePaper, an electronic replica of the print edition that you can share, download and comment on.
- Enjoy insights and behind-the-scenes analysis from our award-winning journalists.
- Support local journalists and the next generation of journalists.
- Daily puzzles including the New York Times Crossword.
SUBSCRIBE TO UNLOCK MORE ARTICLES
Subscribe now to read the latest news in your city and across Canada.
- Unlimited online access to articles from across Canada with one account.
- Get exclusive access to the Windsor Star ePaper, an electronic replica of the print edition that you can share, download and comment on.
- Enjoy insights and behind-the-scenes analysis from our award-winning journalists.
- Support local journalists and the next generation of journalists.
- Daily puzzles including the New York Times Crossword.
REGISTER TO UNLOCK MORE ARTICLES
Create an account or sign in to continue with your reading experience.
- Access articles from across Canada with one account.
- Share your thoughts and join the conversation in the comments.
- Enjoy additional articles per month.
- Get email updates from your favourite authors.
Article content
“If they were to release all the data in one fell swoop, they would have no chance of being able to extract payment,” said Callow. “If they are releasing it in a series of instalments, they still have hope to keep the hospitals and the incident in the news, and keep the pressure on.”
A well-organized cybercrime gang called Daixin Team has claimed responsibility for stealing millions of records from Bluewater Health in Sarnia, Chatham-Kent Health Alliance, Erie Shores HealthCare, Hôtel-Dieu Grace Healthcare, and Windsor Regional Hospital.
The attack also locked the hospitals out of their own technology-based systems. The criminals targeted the hospitals through TransForm Shared Service Organization, which runs technology systems for all five facilities.
Windsor Regional Hospital CEO David Musyj told his board of directors on Thursday that the cyberattack was detected the morning of Oct. 23.
The attack was part of a blackmail scheme, but officials have not said what the ransom demands are.
The criminals released the first round of information onto the Internet on Thursday. They followed up on Friday with another data dump.
Article content
A screen grab from the dark web leak, which Callow posted on social media, promises several more data dumps. The post, which does not show any of the stolen data, stated a full leak “will be soon.”
Callow said refusing to pay the ransom was the right move.
“I would say it is 100 per cent the right decision not to pay,” he said. “Payment simply keeps other organization in the gang’s crosshairs.
“Even if you do pay, they will pinky promise to destroy that stolen data, but there is absolutely no way of knowing that they actually will. Also, payment isn’t necessarily a quick fix way of bringing all the systems back online. It can still be a long and complex process.”
twilhelm@postmedia.com
Article content
