Cyberattack on Montreal's west end health agency leads it to unplug from internet

A health agency in Montreal's west end, the CIUSSS du Centre-Ouest-de-l'Île-de-Montréal, has disconnected from the internet and barred remote access after a cyberattack was discovered Thursday morning.

CIUSSS du Centre-Ouest-de-l'Ile-de-Montréal is taking steps to secure information while it investigates matter

The Jewish General Hospital is among the institutions managed by the CIUSSS du Centre-Ouest de l'Île de Montréal. (Paul Chiasson/The Canadian Press)

A health agency in Montreal's west end, the CIUSSS du Centre-Ouest-de-l'Île-de-Montréal, has disconnected from the internet and barred remote access after a cybersecurity intrusion was discovered.

The personal information of staff and patients has not been accessed or compromised, said the health agency's head, Dr. Lawrence Rosenberg, during a news briefing Thursday afternoon.

This is not the only health network reporting a possible cyberattack. Several others in the United States have cropped up since Wednesday.

"We thought it best to isolate the information system, which we have done," said Rosenberg. "We are basically an island now, disconnected from the internet."

He said there may have been a technical hiccup, but patient care has not been affected at the Jewish General Hospital or long-term care facilities.

"At the hospital, things are pretty much functioning as they have prior to this," but there may be some slowdowns at places like CLSCs as data transmission will be offline temporarily.

The internal information technology systems are currently operating properly, though there are some problems with the telephone system and anybody working from home has been unable to access the system, Rosenberg said. But, he said, they've been able to work around those issues.

Quebec's health ministry has been informed and the CIUSSS is working with the ministry's cybersecurity team, he says.

Dr. Lawrence Rosenberg, head of the CIUSSS du Centre-Ouest de l'île de Montréal, said the security breach did not compromise personal infromation. (Jewish General Hospital)

Meanwhile, the CIUSSS is taking additional steps to protect data.

Rosenberg has asked staff to ensure all patient-care material is printed or moved to a secure external storage device.

Management throughout the CIUSSS is instructed to ensure that all files created and saved in the last 24 hours be transferred to a secure device as well, or printed.

"Similarly, until further notice, any new documents that you create should be stored on a secure USB key or printed," Rosenberg says, telling staff not to transfer documents to Google or the cloud.

These USB keys will be encrypted and will carry only information that is normally transferred over the network, he said.

Rosenberg says these proactive, precautionary measures are essential in order to protect the health, safety and personal information of all those who rely on the CIUSSS for health care and social services.

Other health-care networks affected

Federal agencies in the United States warned that cybercriminals are unleashing a wave of data-scrambling extortion attempts against the U.S. healthcare system designed to lock up hospital information systems, which could hurt patient care just as U.S. cases of COVID-19 are spiking.

In a joint alert Wednesday, the FBI and two federal agencies warned that they had "credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers.''

The alert said malicious groups are targeting the sector with attacks that produce "data theft and disruption of healthcare services.''

However, Francine Dupuis, a senior official with the Jewish General Hospital, said the speed at which the CIUSSS caught the cyber anomaly demonstrates the effectiveness of the security already in place.

And while other health networks are reporting "ransomware attacks" that demand payment to protect data, there were no ransom demands made to the CIUSSS, Rosenberg said. 

At this point, it is not known what the source of the attack was. Rosenberg said that is still under investigation.

With files from The Associated Press


To encourage thoughtful and respectful conversations, first and last names will appear with each submission to CBC/Radio-Canada's online communities (except in children and youth-oriented communities). Pseudonyms will no longer be permitted.

By submitting a comment, you accept that CBC has the right to reproduce and publish that comment in whole or in part, in any manner CBC chooses. Please note that CBC does not endorse the opinions expressed in comments. Comments on this story are moderated according to our Submission Guidelines. Comments are welcome while open. We reserve the right to close comments at any time.

Become a CBC Member

Join the conversation  Create account

Already have an account?