Cyber Incident Victim: Cornwall Community Hospital

On April 11, 2023, Cornwall Community Hospital (CCH) in Ontario, Canada, identified a significant network issue. The hospital serves the residents of Cornwall and several surrounding counties. Upon discovery, an investigation was immediately launched to determine the nature and scope of the problem. This investigation subsequently revealed that the network disruption was the result of a cyber incident. The hospital did not publicly specify the exact type of cyberattack in its initial communications and did not respond to external media requests to confirm if it was a ransomware attack. Following the confirmation of a cyber incident, the hospital retained external cybersecurity experts to work alongside its internal technical team in an effort to resolve the issue and mitigate the impact.

The primary impact of the cyber incident was operational disruption, leading to delays in patient care. The hospital issued a statement confirming that while its clinical Electronic Health Record system remained unaffected and operational, residents should expect to experience some delays to both scheduled and non-urgent care. This echoed a similar message the hospital had released on the day the incident was first discovered, Tuesday, April 11, which warned of impending treatment delays as staff worked to manage the situation. The hospital's ability to deliver high-quality clinical services and patient-centered care remained its stated top priority throughout the event. A specific system impacted by the ongoing network issues was user access to MyChart, a patient portal typically used for accessing personal health information and managing appointments.

Communication with patients and the public was maintained through the hospital's official website and its social media channels. The organization urged people to follow these platforms for ongoing updates regarding the incident and information on when services might return to normal operational levels. The hospital expressed regret for any inconvenience caused to patients and their families and thanked the community for their patience and cooperation during the disruption. The facility, which operates 175 beds and employs a staff of 1,200 individuals including 180 physicians, focused its response on containing the incident and restoring full network functionality.

This incident occurred within a broader context of cyber activity targeting Canadian infrastructure during the same week. The Prime Minister's office website experienced distributed denial-of-service (DDoS) attacks that rendered it inaccessible for several hours. Similar DDoS incidents targeted the websites of Hydro-Québec, the provincial electricity provider, and several major Canadian ports including those in Halifax, Montreal, and Quebec. Prime Minister Justin Trudeau, who had recently met with Ukrainian Prime Minister Denys Shmyhal, publicly commented on the timing, noting it was not uncommon for Russian hackers to target countries demonstrating support for Ukraine. He stated that such attacks would not dissuade Canada's support. The Cornwall Community Hospital incident was part of a continuing trend in 2023 where healthcare facilities globally faced significant operational downtime and service delays due to cyberattacks.