British Columbia

B.C.'s First Nations Health Authority reports cyberattack

The B.C. First Nations Health Authority (FNHA) has confirmed it was the victim of a cyberattack, and that some employee personal information was likely impacted in the breach.

Latest cyberattack reported in B.C., with technologist saying that health authorities are particularly at risk

A person types on a laptop computer with code on the screen.
The B.C. First Nations Health Authority has confirmed it was the victim of a cyberattack, which was first detected last week. (Brian A Jackson/Shutterstock)

The B.C. First Nations Health Authority (FNHA) has confirmed it was the victim of a cyberattack, and that some employee personal information was likely impacted in the breach.

The authority, which is responsible for delivering federal and provincial health programs to First Nations people living in B.C., said Wednesday that it first became aware of the attack on May 13.

The FNHA said that it learned of "unusual activity" on its corporate network on that day, and immediately took steps to block an unauthorized user from accessing its information.

It says that while an investigation into the cyberattack is in its early stages, there is evidence that some employee information and "limited personal information of others" was likely accessed in the attack.

"FNHA has taken and continues to take immediate action to issue required notifications to impacted individuals and to otherwise provide support," the authority wrote in a statement.

The exact nature of the impacted data was not disclosed in the statement, nor how exactly the cyberattackers gained access to the corporate network.

The authority said that there is no evidence that the cyberattack affected any clinical information systems that it uses.

An Indigenous woman speaks in front of two banners reading 'First Nations Health Authority'. She is flanked by other people.
Colleen Erickson, the former board chair of the First Nations Health Authority, is pictured during a news conference in April 2023. The authority is responsible for delivering federal and provincial health programs to First Nations people living in B.C. (Ben Nelms/CBC)

"FNHA also immediately engaged third-party cybersecurity experts to assist with containment and remediation and to conduct a forensic investigation to determine the extent and scope of this incident," the authority wrote.

"We have also reported this incident to law enforcement and to the Office of the Information and Privacy Commissioner of British Columbia."

Health authorities at risk of cyberattacks: technologist

The FNHA and B.C. Public Safety Minister Mike Farnworth both said Wednesday that there is no evidence the cyberattack reported Wednesday is connected to recent prominent cyberattacks in B.C.

Retailer London Drugs, the B.C. Libraries Co-operative, and the B.C. government itself have been targeted by cyberattackers since April.

Caelan Drayer, a solutions architect at Dyrand Systems, said that health authorities have been "a really easy target" for cyberattackers in the past, as they often store information that is valuable to malicious actors.

WATCH | London Drugs cyberattack shows importance of cybersecurity, technologist says: 

London Drugs shutdown shows companies need to take cybersecurity seriously: Technologist

7 months ago
Duration 7:03
London Drugs stores across Western Canada were suddenly closed on Sunday after the company said it was a "victim of a cybersecurity incident." Cybersecurity expert Francis Syms explains what challenges the company could be dealing with.

"Health authorities are rather notorious for being behind on their cybersecurity practices," Drayer told CBC News. "Partially due to just bureaucracy, partially due to vendor support of the technologies they require."

He says bad actors often try to obtain large amounts of personal data at once to use for scams or identity theft.

"You'll now have a list of several thousand people. You'll call all of them ... You'll attack anything you can find related to them," he said of attackers' rationales.

"And maybe you'll hit gold and find someone that has something weak and vulnerable — that you can then get in, and keep going on attacking."

The technologist says that anyone who thinks they may be affected by the FNHA cyberattack should immediately look to secure their linked email accounts and set up strong passwords and two-factor authentication.

But Drayer added that there's little they can do about personal information, like birth dates or addresses, being leaked.

He says that affected people should monitor their credit scores in the months to come, and verify any suspicious calls or emails requesting money.

ABOUT THE AUTHOR

Akshay Kulkarni

Journalist

Akshay Kulkarni is an award-winning journalist who has worked at CBC British Columbia since 2021. Based in Vancouver, he is most interested in data-driven stories. You can email him at [email protected].

With files from Michelle Gomez