Data breach affects unknown number of patients at Scarborough Health Network

Officials with the Scarborough Health Network say patient data was compromised as part of a data breach that took place at the beginning of the year.

The network says unauthorized access to several of its servers was detected back on January 25 and among the patient data seized were names, email addresses, OHIP numbers, and insurance policy numbers.

The data involved patients from Birchmount Hospital, Scarborough General, Centenary Hospital and the former Ajax-Pickering Hospital.

Scarborough Health Network says with the help of a third-party cybersecurity team the “unauthorized actor” was shut out of the system by February 1. However, the network did not say how many patients have been impacted by the security breach.

SHN says it has not detected any malicious use of the data that was accessed but is reminding current and former patients to be diligent in monitoring accounts and for incidents of fraud and identity theft.

“SHN takes the privacy and security of patient, staff and business contact and personal information very seriously, and we sincerely regret that this incident occurred,” SHN President and Chief Executive Officer Elizabeth Buller said in a statement. “I want to assure patients that we acted as swiftly as possible to contain and investigate the incident to ensure that our clinical operations were not impacted. Furthermore, all IT security improvements that were identified as a result of our investigation were immediately addressed.”

The network says it reported the breach to the Office of the Information and Privacy Commissioner of Ontario.

Scarborough Health Network has also engaged the services of Trans Union of Canada which is offering two years of credit monitoring services at no cost to anyone who has been a patient at SHN.

A Q-and-A resource page has also been set up for anyone who has additional questions.