Cyber Incident Victim: Brunswick Health Group
Date:
Mar 2025
Location:
Canada
Summary
BrunswickHealth Group experienced a cyberattack that compromised some of its IT systems, leading to unauthorized access to patient health information and employee personal data. The external EMR platform Omnimed was not affected, preserving those records. While most patient appointments continued, certain Endoscopy procedures were temporarily postponed before services resumed. Authorities including provincial health agencies and law enforcement were notified, and an investigation with external experts is underway. Affected individuals are being notified as the analysis concludes.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
OnMarch 24, 2025, Brunswick Health Group discovered a cyberattack targeting its IT systems and immediately engaged external cybersecurity experts to contain the threat and begin an investigation. The unauthorized actor accessed and removed personal information and health information from the organization's servers, affecting some patient records and employee and professional data. While the attack disrupted certain IT systems, the external Omnimed platform that stores Electronic Medical Record data was not compromised, so the EMR data housed there remained unaffected. Patient appointments continued as scheduled for most services, although endoscopy appointments were temporarily postponed and later resumed with all appointments honored. Throughout the incident, Brunswick deployed all available resources to maintain secure operations and to support ongoing investigative efforts.
The compromised information includes personal data and personal health information for certain patients, as well as personal information for employees and professionals, who were directly notified of the breach. Affected patients will be notified as soon as the ongoing data analysis is complete, and Brunswick has indicated that other groups of individuals may also have been impacted and will be informed once the analysis allows. To date, the Commission d’accès à l’information, Santé Québec, the Ministry of Health and Social Services, the Collège des médecins du Québec, the CIUSSS de l’Ouest-de-l’Île-de-Montréal, and law enforcement have all been notified of the incident. Brunswick continues to work with these authorities while the investigation proceeds.
In response to the breach, Brunswick implemented comprehensive containment measures and is collaborating with external experts to investigate the attack and to prevent similar incidents from occurring in the future. The organization has stated that it will provide updates as soon as its data analysis permits and will notify all impacted individuals accordingly. All patient care services have been maintained, with the exception of the temporary endoscopy postponement, and operations continue while these measures are in place. Brunswick has notified the Commission d’accès à l’information, Santé Québec, the Ministry of Health and Social Services, the Collège des médecins du Québec, the CIUSSS de l’Ouest-de-l’Île-de-Montréal, and law enforcement, and has directly notified employees while preparing to notify patients after the analysis finishes.