In the latest update on the MOVEit file transfer software data breach, Ontario’s Better Outcomes Registry & Network (BORN) was struck by a massive breach. The breach affected more than 3.4 million people.
During the breach, hackers were able to obtain sensitive information, including names, dates of birth, health card numbers, addresses, and postal codes. More sensitive information was obtained based on the type of BORN services users were using, including various types of lab results, outcomes of procedures, and more.
According to BORN, it discovered the attack on May 31 and promptly contacted the authorities.
“We began working with cybersecurity experts immediately to isolate the affected computer server, contain the threat, investigate the full scope of the incident, and to ensure our systems were safe to continue our operations,” BORN explains in an incident report. “We’ve taken additional measures to further strengthen our security controls.”
The company is also monitoring the internet, including the dark web, to make sure that none of the information turns up for sale or being used maliciously.
“At this time, there is no evidence that any of the copied data has been misused for any fraudulent purposes,” said BORN.
You may have been affected by the data breach if any of the following happened while you were in Ontario:
- You gave birth or if your child was born between April 2010 and May 2023.
- You received pregnancy care between Jan 2012 and May 2023.
- You had in-vitro fertilization or egg banking between Jan 2013 and May 2023.
Unfortunately, this is one of more than 2,000 organizations affected by the MOVEit data breach earlier this year. The breach was carried out by the Cl0p ransomware gang and has affected international governments like Nova Scotia, multiple US agencies, and major corporations like British Airways, BBC, and Boots.
The story is still ongoing and the Cl0p ransomware gang hasn’t been caught. Organizations around the world are investigating the crime.