Chemotherapy treatments cancelled, as IT staff take healthcare systems offline

UPDATE (Jan 21; 10:00 UTC) Health Sciences North said it has now regained access to its main electronic records and medical imaging systems following the malware incident. “Recovery of remaining systems will continue over the coming week,” the hospital stated yesterday.


More than 20 hospitals across Northeastern Ontario have taken vital services offline, as IT staff tackle a “zero-day virus” that spread through the Canadian healthcare system earlier this week.

According to Dominic Giroux, president and CEO of Health Sciences North in Sudbury, hospitals across Northeastern Ontario started to experience technical difficulties on Wednesday morning, prompting techies to shut down systems in order to contain the problem.

“As a preventative measure, all [impacted] systems were put on downtime, successfully avoiding the dissemination of the virus,” Giroux said in a statement posted on the hospital’s Twitter page yesterday.

The as-yet-unidentified malware resulted in the cancellation of medical appointments and treatments, with Giroux stating that “21 of the 24 Northeastern Ontario hospitals have seen their main electronic medical record system, Meditech, put on downtime”.

Mosaiq, the electronic medical record system for cancer programs, has also been taken offline in 12 hospitals, the CEO said. Medical imaging systems in 10 facilities were also affected.

At the time of writing, the website for Health Sciences North was inaccessible, impacting patients’ ability to access the hospital’s online services.

According to local reports, Sault Area Hospital, North Bay Regional Health Centre, Timmins and District Hospital, and Hôpital Notre-Dame Hospital are among the other healthcare facilities to have been impacted by the incident.

The Health Sciences North CEO said the IT challenges had been caused by a “zero-day virus”.

As infosec readers will know, zero-day exploits take advantage of previously unknown (and therefore unpatched) software flaws.

A “zero-day virus” possibly references a strain of malware that the hospital’s antivirus didn’t pick up, rather than one utilizing a zero-day exploit, but this remains unclear.

The Daily Swig has approached Health Sciences North for clarification on this, alongside a request for an update on the incident, but we’re yet to hear back.

In its announcement, the healthcare organization said it was working to begin restoring its critical systems today (Friday) and re-scheduling the cancelled chemotherapy and radiation treatments over the weekend.

Giroux said there is no evidence to suggest that the “privacy of patient information has been breached”.


RELATED Cybersecurity triage: NHS moves to prevent next WannaCry