Cyber Incident Victim: Ontario Health atHome

On April1, 2025, Ontario Health atHome published a notice stating that it had been advised by its vendor, Ontario Medical Supply (OMS), of a system outage. The notice was published on the Ontario Health atHome website. OMS conducted an investigation and subsequently informed Ontario Health atHome that the outage resulted from a cybersecurity attack. The investigation determined that health information had been compromised in the breach. The potentially exposed data includes patients’ names, contact information, and details of medical supplies or equipment they had ordered.

Upon learning of the breach, Ontario Health atHome reported the incident to the Information and Privacy Commissioner of Ontario (IPC) and indicated that an investigation is ongoing. The organization emphasized that it remains focused on ensuring patients continue to receive the medical supplies and equipment they need while working to mitigate further privacy and security risks. It noted that affected individuals may file a complaint with the IPC, although doing so is not required given the active investigation. For patients with questions about the breach, Ontario Health atHome provided a telephone number, 1-866-377-7567, and an email address, [email protected], as points of contact. The notice concluded by reiterating that protecting the privacy and security of patients’ health information is a top priority for the organization.