
The Better Outcomes Registry & Network (BORN), a health-focused entity sponsored by the Ontario government, recently disclosed that it was among the victims of the Clop ransomware gang’s widespread MOVEit hacking campaign.
BORN is a perinatal and child registry that collects, interprets, shares, and safeguards critical data on pregnancy, birth, and early childhood throughout Ontario.
The MOVEit attacks exploited a previously undisclosed vulnerability (CVE-2023-34362) in the Progress MOVEit Transfer software, which allowed unauthorized access and data theft at numerous organizations worldwide.
BORN became aware of the compromise on May 31. It then promptly informed its community via its official website and notified the appropriate governing body, the Privacy Commissioner of Ontario.
To limit further damage, BORN consulted digital security specialists. These experts helped identify the affected servers and contain the threat so that the organization could continue its essential functions.
Further investigation revealed that the attackers had copied files holding the confidential details of an estimated 3.4 million individuals. The majority are newborns and patients seeking prenatal care, all of whom used BORN’s services between January 2010 and May 2023.
Details exposed in the breach include:
- Full names
- Residential addresses
- Postal codes
- Birthdates
- Health identification numbers
Depending on the nature of the services BORN provided, the following details might also be at risk:
- Service or care dates
- Laboratory findings
- Pregnancy-associated risks
- Birth categorizations
- Procedures undertaken
- Outcomes related to pregnancies and births
For transparency, BORN launched a dedicated webpage explaining the impact of the incident and identifying who may be affected by the data theft.
While BORN acknowledged the breach, it also said there is currently no evidence that the stolen data has been circulated on the dark web.
BORN has not detected any misuse of the copied data for fraudulent purposes. Continuous monitoring of the internet, including the dark web, has not turned up any instance of BORN’s data being published or offered for sale.
Those potentially affected by the incident are advised to stay vigilant, particularly about unexpected communications that ask for personal information. Any unusual activity on online accounts or fraudulent approaches should be reported to both law enforcement agencies and the relevant service organizations.