B.C’s First Nations Health Authority Suffers Cyberattack and Data Breach

Written by Mitchell Langley

May 24, 2024

B.C’s First Nations Health Authority Suffers Cyberattack and Data Breach

The First Nations Health Authority (FNHA) in British Columbia, Canada has fallen victim to a cyberattack according to a statement released on May 22, 2024. According to sources, the First Nations Health Authority cyberattack may has resulted in a data breach as well.

First Nations Health Authority Cyberattack Details

The FNHA is responsible for planning, management, service delivery and funding of health programs, in partnership with First Nations communities in British Columbia.

The health authority detected an intrusion into its corporate network on May 13th where cybercriminals managed to gain access. FNHA officials were thankfully able to deploy timely countermeasures that prevented the attackers from encrypting the entire network. However, the FNHA believes certain employee information and some limited personal information of others may have been compromised as a result of this cyberattack.

The types of employee or public data that could potentially be affected have not been specified by the FNHA. They have also not clarified if any sensitive health records were accessed, only stating there is no evidence that the attack “impacted any clinical information systems.”

The FNHA has engaged outside cybersecurity experts and notified law enforcement agencies like the Royal Canadian Mounted Police as well as the Office of the Information and Privacy Commissioner of British Columbia about this First Nations Health Authority cyberattack.

No connection has been established between this cyber incident and the series of other prominent cyberattacks that have occurred in British Columbia recently. This includes the allegedly state-sponsored cyberattack that targeted the British Columbia government itself.

The news of the FNHA data breach comes just a day after it was revealed that major Canadian retail chain London Drugs is facing ransom demands of $25 million from the infamous LockBit ransomware group following a cyberattack on their systems.

British Columbia’s Public Safety Minister Mike Farnworth commented that this First Nations Health Authority cyberattack shows a different modus operandi compared to both the provincial government hack and London Drugs incident.

“I can tell you that it is different from what the province faced, and it is also different from what the London Drugs incident was,” B.C. Public Safety Minister Mike Farnworth commented on FNHA attack.

Cybersecurity experts analyzing the London Drugs situation believe the ransomware operators obtained unauthorized access to employee files but did not manage to infiltrate customer data systems, showing the company had appropriate precautions in place.

However, organizations still need to be transparent about the entry points used by cybercriminals so others can strengthen their defenses against similar attacks.

As the First Nations Health Authority continues to investigate the full scope of this cyberattack through forensic analysis, they have confirmed taking steps to notify any individuals whose information may have been impacted.

With cyberattacks increasing at an alarming rate, this incident impacting the FNHA serving Indigenous communities underscores the vulnerabilities even healthcare providers face from sophisticated cyberthreats.

Only further transparency around the attack vectors can help better protect against future cyberattacks and data breaches across various sectors.

Related Articles

How AI is Revolutionizing Phishing Attacks

How AI is Revolutionizing Phishing Attacks

 -  New: New Phishing attacks have long been a major concern for enterprise organizations wordwide. As technology continues to advance, cybercriminals are finding new and innovative ways to exploit vulnerabilities and deceive unsuspecting individuals. In recent years,...

Stay Up to Date With The Latest News & Updates

Join Our Newsletter


Subscribe To Our Newsletter

Sign up to our weekly newsletter summarizing everything thats happened in data security, storage, and backup and disaster recovery

You have Successfully Subscribed!