Investigation into data security incident has concluded

Michael Garron Hospital (MGH) experienced a data security incident in October 2023 that led to the exposure of personal information belonging to some of our donors. For further information, see the statement and FAQ page on the MGH website.

Our website, mghf.ca, and payments processed via our website were not affected and remain secure.

Michael Garron Hospital Investigating Data Security Incident

Update: November 15, 2023

It has been a very challenging few weeks for public sector organizations in Ontario experiencing cybersecurity incidents, including hospitals, healthcare centres and libraries. It is unfortunate that these incidents are becoming increasingly common, especially when they impact organizations that are dedicated to serving the health and well-being of our communities.

At Michael Garron Hospital (MGH), we recently suffered a data security incident perpetrated by a cyber threat actor group. We did not pay a ransom and we are aware that data connected to the incident may be published. Having received the advice and counsel of leading third-party experts, we determined we would not yield to ransom demands. Our programs and patient care services continue to operate normally and MGH remains a safe place to receive care.

We have determined that some personal data belonging to MGH employees and credentialed clinicians employed from January 2015 to November 2023 was stolen.

We know that some patients and donors are also affected by the incident, though it will take us time to analyze data to determine who is affected and how. We will continue to be transparent and will notify those affected as appropriate.

We encourage you to learn more:

We appreciate that this news is concerning and we apologize. We want to express our sincere thanks to all those involved in responding to this incident, including our healthcare teams, partners, government agencies and law enforcement services. We also want to thank our patients, community members, staff, credentialed clinicians and donors for their patience and support as our investigation continues.


Update: November 8, 2023

It has been a very challenging few weeks for public sector organizations in Ontario experiencing cybersecurity incidents, including hospitals, healthcare centres and libraries. It is unfortunate that these incidents are becoming increasingly common, especially when they impact organizations that are dedicated to serving the health and well-being of our communities.

At Michael Garron Hospital (MGH), we recently suffered a data security incident perpetrated by a cyber threat actor group. We did not pay a ransom and we are aware that data connected to the incident may be published. Having received the advice and counsel of leading third-party experts, we determined we would not yield to ransom demands. Our programs and patient care services continue to operate normally and MGH remains a safe place to receive care.

We have determined that some personal data belonging to MGH employees and credentialed clinicians employed from January 2015 to November 2023 was stolen.

We know that some patients and donors are also affected by the incident, though it will take us time to analyze data to determine who is affected and how. We will continue to be transparent and will notify those affected as appropriate. We encourage you to read our Frequently Asked Questions page to learn more.

We appreciate that this news is concerning and we apologize. We want to express our sincere thanks to all those involved in responding to this incident, including our healthcare teams, partners, government agencies and law enforcement services. We also want to thank our patients, community members, staff, credentialed clinicians and donors for their patience and support as our investigation continues.


Update: November 3, 2023

On October 23, 2023, Michael Garron Hospital (MGH) was made aware of a data security incident. We immediately engaged third-party experts to investigate and assess the impact, while planning and implementing additional proactive measures to safeguard our data and information systems.  

Based on the ongoing investigation, we have determined that some patient, staff, credentialed clinician and donor data has been exposed. At this time, there is no indication that our patient health information database was compromised or that this incident is related to the cyberattack recently experienced by other hospitals in southwestern Ontario. 

As always, please be vigilant in reviewing any online correspondence. Should you receive suspicious communications related to our hospital, kindly let us know at foundation@tehn.ca.

We continue to work with third-party experts to assess the extent of the exposure and individuals impacted. We will notify individuals whose data is affected by this incident in accordance with the law. 

We are working closely with government agencies and law enforcement and we have reported the incident to the Ontario Information and Privacy Commissioner. 

The health and safety of our community is our top priority. Our programs and patient care services continue to operate normally and MGH remains a safe place to receive care. We understand you may have questions about this data security incident and encourage you to read our Frequently Asked Questions page to learn more. 

We anticipate the investigation will take some time to complete. We appreciate your patience and support as our investigation continues and are committed to providing updates as we learn more. 


Update: November 2, 2023

On Thursday, October 26, Michael Garron Hospital (MGH) proactively initiated a Code Grey to facilitate a swift and coordinated response to the data security incident and ensure minimal disruption to hospital and broader health system operations. This response to the incident enabled the hospital to effectively prepare downtime procedures in the event of a large-scale information technology (IT) system failure.

MGH’s programs and patient care services are operating normally, with no impacts to our information and clinical application systems. Therefore, we are declaring the Code Grey All Clear. 

While we are transitioning out of the Code Grey, the investigation into the impact of the security incident continues, including assessing whether data has been exposed. We will provide more updates as we learn more.

As always, please be vigilant in reviewing any online correspondence. Should you receive suspicious communications related to our hospital, kindly let us know at foundation@tehn.ca.


Update: October 31, 2023

Earlier this week, Michael Garron Hospital was made aware of a data security incident. We are actively investigating and assessing the impact of the incident with the support of third-party experts.

As always, please be vigilant in reviewing any online correspondence. Should you receive suspicious communications related to our hospital, kindly let us know at @email.

At this time, there are no known impacts to clinical applications or patient care services. The hospital has initiated a Code Grey to facilitate the coordination of resources and business continuity.  

Out of an abundance of caution, our teams are in the process of planning and implementing additional proactive measures to safeguard our data and information systems while the investigation is underway.

We have no indication that this data security incident is related to the cyberattack recently experienced by other hospitals in Southwestern Ontario. 

We will provide updates as we learn more.


Original post: October 26, 2023

Earlier this week, Michael Garron Hospital was made aware of a data security incident. We are actively investigating and assessing the impact of the incident with the support of third-party experts.

As always, please be vigilant in reviewing any online correspondence. Should you receive suspicious communications related to our hospital, kindly let us know at foundation@tehn.ca.

At this time, there are no known impacts to clinical applications or patient care services. The hospital has initiated a Code Grey to facilitate the coordination of resources and business continuity.  

Out of an abundance of caution, our teams are in the process of planning and implementing additional proactive measures to safeguard our data and information systems while the investigation is underway.

We will provide updates as we learn more.