Cyber Incident Victim: CarePartners
Date:
Jun 2018
Location:
Canada
Summary
A cyber-attack compromised a home care service provider's systems, exposing patient and employee information including personal health and financial data. The organization partnered with regional health authorities to suspend online referral systems and engaged a cybersecurity firm to contain the breach, assess its scope, and address vulnerabilities. Impacted individuals were offered credit monitoring services, while relevant privacy regulators and law enforcement were notified. The exact scale of affected patients remained undetermined at the time of reporting, with direct notifications planned for those involved.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On June 11, 2018, CarePartners, a provider of approximately 11% of Ontario's publicly funded home care services, discovered a cyber-attack compromising its computer systems. The breach resulted in unauthorized access to sensitive patient and employee information, including personal health and financial data. Ontario's Local Health Integration Network (LHIN) was notified of the incident on June 12. CarePartners immediately collaborated with LHINs to implement containment measures, suspending the online referral system's capacity to receive patient assignments from LHINs until vulnerabilities could be fully addressed. The organization retained Herjavec Group, a cybersecurity firm, to investigate the breach's scope and contain further exposure. Law enforcement and Ontario's Information and Privacy Commissioner were promptly engaged in the response effort.
The investigation remained ongoing as of June 18, with Herjavec Group's team still onsite at CarePartners. LHINs and CarePartners had not yet determined the exact number of affected patients or the full extent of compromised information, including impacts on North East region clients. CarePartners committed to directly contacting all impacted individuals once identified, following a notification process developed with the Information and Privacy Officer. As an interim measure, the organizations established a dedicated phone line (1-844-337-7300) for public inquiries and offered credit monitoring services to potentially affected individuals. The coordinated response focused on securing systems while working to establish the breach's complete scope and patient impact timeline.