Cyber Incident Victim: TotalMed Solutions Santé
Date:
Mar 2025
Location:
Canada
Summary
TotalMed Solutions Santé experienced a sophisticated cyberattack involving unauthorized access to two corporate email inboxes, compromising personal data belonging to hundreds of Ville de Montréal employees examined by the clinic. While the breach was contained promptly upon discovery, the specific exposure of medical information remains undetermined. The clinic acknowledged client concerns and offered Equifax protection to affected municipal workers. Unions described the incident as a major leak and demanded credit monitoring and potential compensation from the city, while reporting to Quebec's access commission was unclear.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 2 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In late March 2025, TotalMed Solutions Santé, a medical clinic providing examination services for municipal employees on sick or injury leave, experienced a sophisticated cyberattack. Unauthorized actors gained access to the contents of two corporate email inboxes belonging to the company. TotalMed stated that the breach affecting these email accounts was sealed as soon as the company became aware of the incident. This unauthorized access potentially compromised the personal data of hundreds of Ville de Montréal employees who were clients of TotalMed. The clinic, located on boulevard Décarie and also serving clients like Air Canada and the McGill University Health Centre (CUSM), acknowledged the seriousness of the situation and the concern it caused for its clients but declined interview requests, issuing statements through a public relations firm. The exact nature of the compromised data from the email accounts, including whether specific medical information was leaked, could not be definitively determined based on the available information.
The Ville de Montréal, which had a significant contract with TotalMed worth $633,000 for 2024-2025, confirmed it was taking the incident very seriously. City communications lead Gonzalo Nunez stated they were monitoring the situation closely and in discussions with TotalMed. The city offered Equifax credit protection services to the affected municipal employees. Two major municipal unions, representing blue-collar and white-collar workers, reacted strongly, labeling the incident a "major leak" and a "crisis." Union presidents Jean-Pierre Lauzon and Patrick Dubois demanded the city take all available measures to protect members, including paying for credit alert services and offering reparations if damages occurred, insisting unions be involved in finding solutions. Uncertainty surrounded whether TotalMed reported the security incident to Quebec's Commission d'accès à l'information (CAI) as legally required. The CAI's communications advisor cited unspecified "issues" preventing them from providing information about breach declarations received from organizations and confirmed their public list of security incidents had not been updated since September 2024.