Cyber Incident Victim: Altona Clinic
Date: Feb 2021
Location: Canada
Summary
Altona Clinic in Manitoba, Canada, experienced a ransomware attack that disrupted operations, with attackers encrypting systems and causing the loss of patient visit records from the day prior to the incident. While clinic officials could not confirm whether patient information was compromised, two independent IT specialists assessed that data exfiltration was unlikely, suggesting the primary intent was to lock rather than access records. The attack necessitated rescheduling appointments for affected patients, as clinical notes from the impacted day were rendered inaccessible. No evidence of data theft was reported, and the clinic’s public communications at the time lacked formal notification or details on mitigation services offered to patients.
Description
On February 26, 2021, Altona Clinic in Manitoba, Canada, experienced a ransomware attack that disrupted operations. Clinic officials publicly acknowledged the incident through a report by Pembina Valley but did not issue an immediate statement on their website. The attack resulted in the encryption or destruction of patient visit records from February 25, 2021, necessitating rescheduling of appointments for affected individuals. Two independent IT specialists assessed the incident and concluded patient data compromise was unlikely, citing evidence suggesting the attackers' primary objective was data encryption rather than exfiltration. This assessment contrasted with the prevalent double extortion tactics observed in other ransomware incidents, where threat actors typically steal data before encryption to pressure victims into paying ransoms. No evidence emerged confirming whether attackers issued ransom demands or exfiltrated records.

The clinic instructed patients with February 25 appointments to contact staff and rebook visits due to inaccessible clinical documentation. This operational disruption created logistical burdens for patients and care providers, though the clinic did not specify the duration of system outages or recovery timelines. Officials did not disclose technical details about the ransomware variant, initial attack vectors, or affected systems beyond the compromised scheduling data. No supplemental services like credit monitoring were offered, consistent with the assessment that personal information remained secure. Public communication about the incident relied exclusively on third-party media coverage, as the clinic’s website contained no related announcements at the time of initial reporting. The attack’s confined impact appeared limited to appointment rescheduling and temporary record inaccessibility without broader data theft consequences.
