Data Leak in the BORN Ontario child registry impacts 3.4 millions

An Ontario government-funded healthcare institution called the Better Outcomes Registry & Network (BORN) has revealed that it is one of the targets of the MOVEit hacking spree of the Clop ransomware.

In the province of Ontario, BORN is a perinatal and child registry that gathers, analyzes, disseminates, and safeguards vital information on conception, pregnancy, and childhood.

A zero-day vulnerability (CVE-2023-34362) in the Progress MOVEit Transfer software was used by MOVEit attacks to hack and pilfer data from millions of companies throughout the globe.

When BORN first learned of the security breach on May 31, it promptly notified the appropriate authorities (the Privacy Commissioner of Ontario) and published a warning to the public on its website.

To isolate the affected systems and limit the danger, the company enlisted the help of cybersecurity professionals, enabling it to go on with business as usual.

According to the study, the threat actors duplicated files that had private data belonging to almost 3.4 million BORN service recipients between January 2010 and May 2023, mostly patients receiving prenatal and neonatal care.

(Score: 23) - 4.8/5