FNHA releases further information on cybersecurity incident to First Nations people

October 7, 2024

Unceded territories of the xʷməθkʷəy̓əm (Musqueam), Sḵwx̱wú7mesh (Squamish) and səlilwətaɬ (Tsleil-Waututh) Nations |VANCOUVER – The First Nations Health Authority (FNHA) has concluded its investigation of a cybersecurity incident that occurred on May 13, 2024, and is notifying First Nations people in BC if and how they have been impacted.

In addition to notifying First Nations people of the impact to their personal information, the FNHA will be offering appropriate supports, including live support through a Cyber Incident Support Centre.

“Upon discovery of unauthorized access to the FNHA network, our teams immediately deployed technological countermeasures to secure our files, systems and network from further attack,” said Richard Jock, CEO of the FNHA. “We then retained third-party cybersecurity experts to assist in containing, investigating and recovering from this incident.”

Through the investigation, the FNHA and its third-party experts identified a number of impacted files containing personal information. These files were reviewed using both technological and manual processes, which required time and attention to detail, to identify all of the people affected and the nature of the impacted personal information. A copy of the full notification letter can be found here.

A detailed Q&A document has been posted here.

The investigation confirmed the following groups of people have or may have had their personal information impacted:

· Current (hired before May 13, 2024) and certain former employees of the FNHA (those who received a T4 tax form for the years 2021-2023);

· First Nations peoples who live or have recently lived in British Columbia (BC) and who have a Certificate of Indian Status card;

· First Nations peoples and their immediate non-First Nations family members who lived on reserve or in First Nations communities in BC on or before March 29, 2016 and who had one or more Tuberculosis screening tests prior to that date;

· Individuals who have filed compliments or complaints, or who have had a compliment or complaint filed on their behalf, with the FNHA’s Quality Care and Safety Office, or with another provincial health authority’s Patient Care Quality Office where that compliment or complaint was shared by or with the FNHA’s Quality Care and Safety Office between January 1, 2020 – May 13, 2024.

Although the impact of the cybersecurity incident is not the same for everyone, the attackers were able to access the following types of information:

· First and last names;

· In some, but not all cases, personal contact information such as home address; home or mobile phone number; email address;

· Demographic information such as date of birth and gender;

· Certificate of Indian Status Card number;

· Personal Health Number;

· Health insurance plan eligibility information (e.g. MSP, Pacific Blue Cross);

· Pacific Blue Cross health insurance claims information, including nature of claims and claims costs;

· Tuberculosis screening test results for those living on reserve or in First Nations communities in BC and who were tested on or before March 29, 2016; and

· Information about compliments or complaints filed with or managed by the FHNA.

The FNHA has arranged to provide a credit monitoring and identity theft restoration service for a period of 24 months at no cost to anyone whose status number has been impacted by the cybersecurity incident. Additionally, a dedicated FNHA Cyber Incident Support Centre is available to people who may have questions not answered in the FNHA’s frequently asked questions page.

To reach the Support Centre by telephone, please call 1-844-723-6518. The operating hours of the Support Centre are 7:00 am – 3:00 pm Pacific time, Monday to Friday. To reach the Support Centre by email, please contact [email protected]. Emails can be sent at any time and a representative will respond within 48 hours of reading it during the Support Centre’s operating hours.