eHealth recently discovered that files from some of its servers had been sent to a number of suspicious IP address. This came to light as part of normal and ongoing forensic analysis, started in the wake of the January 5th 2020 ransomware attack.
That analysis continues.
The files exchanged were encrypted and password protected by the attacker, making it difficult to determine the exact content of those files. Officials with the Ministry of Health and Saskatchewan's Information and Privacy Commissioner have been informed.
What we're doing:
Until this discovery, eHealth had no evidence that any information had left its control during the ransomware event. Our on-going forensic and restoration efforts brought this new information to light.
We apologize for any concern this has caused to our customers and the people of Saskatchewan.
eHealth will continue to provide updates, should new information be discovered.
eHealth Saskatchewan2130 11th AvenueRegina SK S4P 0J5Phone:1-855-eHS-LINK (1-855-347-5465)