:format(webp)/https://www.thestar.com/content/dam/thestar/news/canada/2023/03/31/bc-ferry-commissioner-oks-annual-fare-hike-of-92-minister-says-it-will-be-3/20230331170344-412d7df1ba1c988d571b9a9a1cabe9645c8f6fd6e340d602c560e518daa221eb.jpg)
:format(webp)/https://www.thestar.com/content/dam/thestar/news/canada/2023/01/05/sickkids-says-80-of-priority-systems-restored-after-ransomware-attack-code-grey-lifted/sickkids.jpg)
The Hospital for Sick Children has lifted a Code Grey status it had issued in response to a ransomware attack.
The hospital said Thursday that roughly 80 per cent of its priority systems, which are systems that have a direct impact on hospital operations, have been restored.
SickKids has previously said it did not make any ransomware payment. An internationally active hacking group known as LockBit apologized in the wake of the attack, blaming the incident on a “partner.” On Dec. 31 the hospital said they were aware of a decryptor that was offered by the LockBit outfit and were evaluating it with third-party experts. The hospital has not used the decryptor to restore systems as of yet.
The hospital added there’s no evidence personal health information was affected.
Dr. Ronald Cohn, president and CEO of SickKids, said in a statement the institution was able to deal with the situation with “minimal disruption to patients and families.”
“Without the extremely hard work of our staff and expertise of external advisors over the holidays, we would not have been able to lift the Code Grey as efficiently as we have,” Cohn said.
The hospital continues to work to restore the remaining systems and said patients and families are unlikely to experience any effect on their care.
A “small” number of patients and families saw diagnostic or treatment holdups due to delays for lab and imaging results. The hospital said clinical teams are monitoring the situation but have not identified any serious health consequences.
Some services, such as dictation services, pharmacy systems and viewing diagnostic imaging results were temporarily unavailable during the Code Grey response. Some corporate systems, such as the hospital’s internal timekeeping system for staff, were also affected.
The hospital’s electronic medical record was not affected.
SickKids is taking steps to strengthen its security systems, said Nimira Dhalwani, chief technology officer at SickKids.
“Our cybersecurity measures meet a high standard, and we are confident that the safeguards and processes we have in place enabled us to respond rapidly to mitigate the impacts on hospital operations. We are working with our experts and industry partners to strengthen our collective systems wherever possible.”
