Cyberattack results in computer system failure at Humber River Hospital, impacting patient care

A cyberattack at Humber River Hospital has triggered a code gray — or loss of essential services — preventing staff from accessing electronic patient records and diagnostic test results, and leading to long waits on the hospital ward. very busy emergency.

The hospital’s computer system was hit around 2 a.m. Monday after suffering a ransomware attack. In a statement posted online Tuesday afternoon, the hospital said “no confidential information was disclosed” and the attack was “discovered almost immediately.” All of its computer systems were shut down, including that of patient health records.

“Ransomware typically encrypts files, then once most are encrypted, they demand a ransom. Since we stopped quickly, encryption is not an issue, although we are dealing with corrupted files,” the statement said.

Hospital staff told The Star that the network shutdown had impacted patient care by causing long waits in the emergency department. It has also created long wait times for diagnostic tests, including those for suspected heart attacks, sources said.

The hospital has canceled various clinics and has staff at its main doors to redirect patients. So far, surgeries are unaffected and the emergency department remains open, although some ambulances are being redirected to other hospitals, the statement said.

Melissa Granados, a patient diagnosed with a uterine fibroid (tumor), said she arrived at the main hospital emergency room at 3:15 p.m. Monday with heavy bleeding.

After two and a half hours of waiting, Granados said a hospital manager informed patients of the system failure. She was only able to see a doctor six to seven hours after she first sought help and did not leave the hospital until 1 a.m. Tuesday. Granados said she felt frustrated when a nurse told her the failure started in the morning, but patients weren’t told sooner.

“If they cared enough about their patients, they would have told us when we walked in, ‘Our systems are down, we suggest you go to another emergency department as we have very long waits,’” said Granados.

Although she has had heavy periods and spotting for the past month and a half, the bleeding she experienced on Monday was extreme. Her primary care physician works at St. Michael’s Hospital, but she opted to seek help from the emergency department at Humber River Hospital instead, as it is closer to home, around Jane and Wilson. .

“I was seeing black and was going to pass out,” Granados said. “I told them I was bleeding.”

Granados said she asked hospital staff to transfer her to another hospital, but was told to wait until a doctor could see her. She was unable to have surgery to remove the tumor because of the pandemic, she said.

Humber River Hospital said its IT department was working with an outside recovery company to restore its systems to working order. More than 5,000 computers (including 800 servers) will be restarted manually. The hospital said in its Tuesday afternoon statement that the systems would be back online in a staggered fashion over the next 48 hours.

Ontario Health said it was notified Monday morning that systems at Humber River Hospital were down. They said the situation at the hospital is being closely monitored and the Ontario Health security team is supporting the hospital as needed.

Christopher Parsons, a senior research associate at the University of Toronto’s Citizen Lab at the Munk School of Global Affairs & Public Policy, said Humber River Hospital appears to have appropriate safeguards in place and adopted a rapid and accurate response. to ransomware attack.

“If you take their statement at face value, what they’ve done is impressive,” he said, noting that it’s usually rare for large and medium-sized companies to regularly update their systems to find out attacks quickly. In its statement, the hospital said its “most recent hook-up” was on June 13.

Quickly shutting down and disconnecting from the existing system — which the hospital said it did in its statement — is also key to preventing the attack from spreading, Parsons said.

“Once it enters a network or system, ransomware is designed to spread through the network with the ultimate goal of locking down as many systems as possible by encrypting data, so they can charge a ransom higher,” he said.

In the case of a healthcare facility, shutting down the entire system to stop the attack means that critical network services, such as electronic patient records and diagnostic imaging, are also crippled.

Parsons said hospitals and healthcare systems were being targeted around the world and pointed to a recent spate of such ransomware attacks, including one in May that crippled Ireland’s public healthcare system. In many cases, targeted hospitals were forced to cancel elective procedures and staff had to use pen and paper to keep track of patient records.

In 2019, several Ontario hospitals were hit by ransomware viruses, including Michael Garron Hospital in Toronto. In the same year, LifeLabs, the nation’s largest medical diagnostic testing company, disclosed that it had paid a ransom to secure data – including the personal information of millions of customers – after a cyberattack.

In addition to having strong network security precautions, Parsons suggests that hospitals and healthcare facilities have rigorous backup plans in place so they can provide safe and adequate care to patients after a cyberattack. He said he hopes Humber River Hospital will provide more details about its recent cyberattack — and how it recovered — so other hospitals and organizations can learn from its experience.

Parsons said ransomware attacks are epidemic internationally and attackers are often linked to criminal organizations.

“From my point of view, ransomware is the equivalent of a new, virulent disease,” he said. “It will only get worse.”


Conversations are the opinions of our readers and are subject to the Code of Conduct. The Star does not share these opinions.

Gordon K. Morehouse