Data breaches have been occurring a lot recently, and a lot of groups have claimed them as their own. However, one group has been hogging the spotlight in 2023 – Clop Ransomware. The threat group has dozens of victims on its list, and now, BORN Ontario joins the mix.
BORN is a healthcare organization funded by the government of Ontario. In other words, it has a lot of sensitive information for threat actors to harvest.
Unfortunately, that was the case, as the company disclosed a breach that might have affected more than 3.4 million people. How did this happen? When did the breach take place? Find out below.
BORN Breach: A Not-So-Better Outcome
BORN (Better Outcomes Registry & Network) is considered to be a high-profile target for any cybergang out there.
Due to the fact that it handles all the critical data about birth, pregnancy, and childhood in the province of Ontario. Yes, that’s a lot of data for threat actors to access.
According to BORN, the breach occurred back in May 2023, and it disclosed it then. However, alongside security experts, the company conducted further investigations into the matter.
So, basically, all of this is part of Clop’s MOVEit campaign, which targets leveraged a zero-day vulnerability. And yes, Clop was successful in this attempt.
BORN Hit Hard
Whenever a data breach such as this hits, one would wonder what data was exposed. BORN didn’t leave us hanging.
- Full name
- Home address
- Postal code
- Date of birth
- Health card number
Unfortunately, it doesn’t end here. BORN provides several types of care to people all over Canada. If we were to add that fact to the mix, more data could’ve been exposed as well:
- Dates of service
- Lab results from screening and diagnostic testing diagnoses
- Pregnancy risk factors
- Type of birth and procedures
- Birth outcomes (e.g., live birth, stillbirth, complications, diagnoses)
While this is definitely sensitive information, and BORN Ontario publicly disclosed the breach, the company claims that it found no evidence that the stolen data is being circulated on the dark web.
Despite that, customers and everyone who works with BORN should remain vigilant from now on. While no financial information is among the stolen data, threat actors can resort to phishing anytime in the near future.
Clop Ransomware Strikes Again – Health Sector Beware!
BORN is warning its customers to take proper precautions when handling anything now, especially Emails.
If any of you have received certain types of care between January 2010 and May 2023, there’s a chance your data was impacted. Be careful.