The B.C. First Nations Health Authority (FNHA) has confirmed it was the victim of a cyberattack, and that some employee personal information was likely impacted in the breach.
The authority, which is responsible for delivering federal and provincial health programs to First Nations people living in B.C., said Wednesday that it first became aware of the attack on May 13.
The FNHA said that it learned of “unusual activity” on its corporate network on that day, and immediately took steps to block an unauthorized user from accessing its information.
It says that while an investigation into the cyberattack is in its early stages, there is evidence that some employee information and “limited personal information of others” was likely accessed in the attack.
“FNHA has taken and continues to take immediate action to issue required notifications to impacted individuals and to otherwise provide support,” the authority wrote in a statement.
The exact nature of the impacted data was not disclosed in the statement, nor how exactly the cyberattackers gained access to the corporate network.
The authority said that there is no evidence that the cyberattack affected any clinical information systems that it uses.
“FNHA also immediately engaged third-party cybersecurity experts to assist with containment and remediation and to conduct a forensic investigation to determine the extent and scope of this incident,” the authority wrote.
“We have also reported this incident to law enforcement and to the Office of the Information and Privacy Commissioner of British Columbia.”
Health authorities at risk of cyberattacks: technologist
The FNHA and B.C. Public Safety Minister Mike Farnworth both said Wednesday that there is no evidence the cyberattack reported Wednesday is connected to recent prominent cyberattacks in B.C.
Retailer London Drugs, the B.C. Libraries Co-operative, and the B.C. government itself have been targeted by cyberattackers since April.
Caelan Drayer, a solutions architect at Dyrand Systems, said that health authorities have been “a really easy target” for cyberattackers in the past, as they often store information that is valuable to malicious actors.
London Drugs stores across Western Canada were suddenly closed on Sunday after the company said it was a “victim of a cybersecurity incident.” Cybersecurity expert Francis Syms explains what challenges the company could be dealing with.
“Health authorities are rather notorious for being behind on their cybersecurity practices,” Drayer told CBC News. “Partially due to just bureaucracy, partially due to vendor support of the technologies they require.”
He says bad actors often try to obtain large amounts of personal data at once to use for scams or identity theft.
“You’ll now have a list of several thousand people. You’ll call all of them … You’ll attack anything you can find related to them,” he said of attackers’ rationales.
“And maybe you’ll hit gold and find someone that has something weak and vulnerable — that you can then get in, and keep going on attacking.”
The technologist says that anyone who thinks they may be affected by the FNHA cyberattack should immediately look to secure their linked email accounts and set up strong passwords and two-factor authentication.
But Drayer added that there’s little they can do about personal information, like birth dates or addresses, being leaked.
He says that affected people should monitor their credit scores in the months to come, and verify any suspicious calls or emails requesting money.