Cyber Incident Victim: College of Nurses of Ontario

On September 8, 2020, the College of Nurses of Ontario (CNO) discovered a cybersecurity incident that disrupted its operations. The organization immediately implemented containment measures and engaged a leading cybersecurity firm to assist with remediation and conduct a forensic investigation. CNO issued a public statement acknowledging the incident but did not initially disclose specific details about its nature or origin. Services including the public nurse registry (Find a Nurse), membership renewal portal (Maintain Your Membership), and applicant portals became temporarily unavailable during the disruption. The college emphasized that investigators were working to determine whether personal information of nursing professionals had been compromised through the breach.

The Netwalker ransomware gang subsequently claimed responsibility for the attack, posting a screenshot of allegedly stolen human resources department data on their dark web leak site. As Ontario's nursing regulatory body, CNO maintained records on 121,488 registered nurses, 59,967 registered practical nurses, and 3,864 nurse practitioners, though the exact scope of accessed data remained unconfirmed. Ontario Nurses Association president Vicki McKenna expressed outrage that members hadn't been directly notified about the potential compromise of their information. Canadian Union of Public Employees representative Michael Hurley raised safety concerns, noting that exposure of address data could endanger nurses with restraining orders or violent partners. The incident occurred amid heightened FBI warnings about Netwalker targeting healthcare organizations, with the bureau issuing a flash alert two months prior about increased attacks against medical entities globally. Forensic investigators continued analyzing systems to establish definitive evidence of data exfiltration while CNO worked to restore affected services.