Toronto hospital working to restore systems after being struck by cyber attack
TORONTO -- Humber River Hospital says it is still working to restore its IT systems more than 24 hours after being struck by a ransomware attack.
In a statement Tuesday afternoon, the hospital acknowledged that its systems were struck by a new malware attack at around 2 a.m. on June 14 and that it has been operating under a “Code Grey,” which is declared when the hospital is dealing with a loss of essential services, since then.
The hospital, located near Wilson Avenue and Keele Street, said the threat was discovered almost immediately and its 5,000 computers – including those that manage patient records – were shut down in order to protect them.
Ransomware usually functions by encrypting files on target computers so that the information cannot be accessed by its rightful owners and then demanding a ransom to de-encrypt the information.
While the system shutdown prevented most computers from being encrypted, some files were corrupted, the hospital said.
“The IT department has been working with an external recovery firm who are assisting by being in the facility and online with the recovery planning,” the hospital said in its statement.
Each of the hospital’s computers is being restarted manually and fixed with a patch developed by cyber security firm Symantec.
“We will bring systems back online in a staggered approach over the next 48 hours. It is important to know that no confidential information was released,” the hospital said.
The cyber attack forced the closure of a number of clinics today. Surgeries are continuing as planned and the emergency department is still open but functioning on ambulance redirect.