Canada: pregnancy data of 3.4 million women leaked
![Image Report examines recent activities of Russian cybercriminals from [Sandworm]](https://incyber.org//wp-content/uploads/2024/04/incyber-news-cybersecurite-cybersecurity-attack-danger-2024-885x690.jpg)
BORN, in charge of pregnancy data processing in Ontario, among victims in wave of cyberattacks against secure file transfer software MOVEit.
The Better Outcomes Registry & Network, which processes data related to pregnancies in Canada’s Ontario province, recognized on September 25, 2023, it had been the victim of a malicious intrusion in June 2023. An “unauthorized third party” stole personal pregnancy information from 3.4 million individuals.
The leak affects everyone who received treatment (fertility, pregnancy, newborn and child health…) between January 2010 and May 2023 in Ontario. The database includes names, addresses, postcodes, dates of birth and health card numbers, as well as details on the care provided.
BORN Ontario uses the secure file transfer software MOVEit, known for its quality encryption. Yet a zero-day vulnerability in the software, exploited by cybercriminals, triggered a massive wave of intrusions across Europe and North America in early June 2023. The Clop ransomware gang claimed responsibility for the attack.
According to BORN Ontario, there is no indication “at this time” that the copied data was used for fraudulent purposes. Nonetheless the organization continues to scour the web, including the dark web, for traces of malicious use. BORN Ontario maintains it has strengthened cybersecurity protocols to make sure such an incident does not happen again.