Southern Manitoba child welfare authority back online following ransomware attack
Southern First Nations Network of Care says no evidence personal and health data of children taken
The child welfare authority responsible for 5,000 First Nations foster children in southern Manitoba has regained access to its internal IT system after a ransomware attack left the system completely unusable for more than six weeks.
Answering questions through a Toronto-based lawyer, the Southern First Nations Network of Care said the computer system has been back up and running since sometime in January, following a November ransomware attack.
"With the exception of some past emails that have not been restored, the system is no longer impacted by the ransomware attack," lawyer Mouna Hanna, who specializes in cyber- and privacy breaches, said in an email.
The Southern First Nations Network of Care provides an internal IT network to eight of the 10 child welfare agencies it oversees. The network is used for everything from emailing about foster cases to tracking financial information.
The ransomware attack, which happened on Nov. 21, left that system completely paralyzed, meaning all employees on the system were unable to use their computers or access emails.
There was no evidence any personal or health information was taken from the system as a result of the attack, Hanna said.
Won't talk about precautions
The southern authority's lawyer would not answer questions about what, if any, extra measures the care network has taken to prevent similar incidents from happening in the future.
Manitoba RCMP's major crimes unit had launched a criminal investigation, but RCMP are no longer investigating the complaint, spokesperson Paul Manaigre said Thursday.
At the time of the attack, police said they believed the cyberattack originated in Headingley, Man., which is also where the main offices of Southern First Nations Network of Care are.
An unnamed forensic security firm headquartered outside Winnipeg has been leading the southern authority's own investigation, its lawyer previously told CBC News.
The firm was hired even though the province offered its experts to help get the system back online.
A spokesperson for the provincial government confirmed it is no longer providing additional help to the southern authority now that the computer system is back up and running.
Authority 'dysfunctional': Sandy Bay CFS head
The child care authority has been under fire from parents, former employees and its own member child welfare agencies following the attack.
Last month, the authority's former senior policy advisor went public, saying he warned of the potential for a cyberattack, and told both the authority and the province that the safety of kids was threatened by mismanagement at the Southern First Nations Network of Care.
In November, CBC News spoke to the head of Sandy Bay Child and Family Services, one of the agencies overseen by the southern authority, who said the care network was "dysfunctional" and had published information on its website that made it vulnerable to the cyberattack. Sandy Bay CFS was not affected by the ransomware because it's on a separate IT network.
Both the former employee and the Sandy Bay agency's executive director called on the province to take a closer look at the Southern First Nations Network's board of directors and appoint an outside administrator.
In January, Families Minister Heather Stefanson said putting the southern authority under third-party management was not under consideration at that time.
Have a story or tip related to this topic? Email Marina von Stackelberg.