NS Health and IWK Health Centre hacked, data stolen

June 7, 2023

Colton LeBlancHALIFAX – One hundred thousand current and former employees of Nova Scotia Health, the IWK Health Centre, and the public service have had their payroll information stolen – including their social insurance numbers, addresses, and banking information.

The data were stolen in a global breach of the MOVEit file transfer system, said Colton LeBlanc (pictured), Nova Scotia’s minister of Cyber Security and Digital Solutions. The hack was at the hands of the Clop ransomware gang and occurred on May 30 and May 31, before Ipswitch, the company that sells MOVEit, provided a patch to the system.

LeBlanc called a press conference to announce what has been learned so far in the investigation into the hack. He stressed that the 100,000 figure could go up or down as more is learned, and there could be further revelations about other stolen data.

Asked repeatedly if the public’s information was stolen, LeBlanc would only say that the investigation is still in a preliminary stage but wanted to let the public know what it has found at this point.

“Today is about being transparent with Nova Scotians, providing additional information, understanding that, no, we do not have all the answers at this time,” said LeBlanc. “But it is our commitment to provide Nova Scotians updates on an ongoing basis.”

Employees whose information was stolen will be contacted by the province and provided with free credit monitoring and fraud protection services.

“In the meantime,” said LeBlanc, “I encourage civil servants, Nova Scotia Health staff, the IWK staff, as well as Nova Scotians in general, to monitor their banking information closely. I also recommend reaching out to your banking institution proactively to flag the risk.”

Natasha Clarke, the deputy minister of Cyber Security and Digital Solutions, said the province has not been approached about a potential ransom for the stolen data.

Asked if Nova Scotia Health replaced its former SEND file transfer system with MOVEit in a bid to privatize public IT services, Clarke said that wasn’t the motivation.

“I know that [change] was not as a result of privatization of those services,” replied Clarke. The SEND service at that time was an aged and legacy piece of technology.