Thousands of patient records are being held for ransom right now and there are questions about whether the home healthcare company involved has been properly notifying patients.
Hackers recently contacted the Canadian Broadcasting Corporation to prove they had the goods, by providing a sample of what they have taken from CarePartners.
"The sample includes thousands of patient medical records with phone numbers and addresses, dates of birth, and health card numbers, as well as detailed medical histories including past conditions, diagnoses, surgical procedures, care plans and medications for patients across the province.
Another document appears to contain more than 140 active patient credit card numbers and expiry dates, many with security codes."
The Ontario government contracts with the company to provide home healthcare services in the Province.
And the hackers did not stop with patient data. They also provided the CBC with data they have taken on employees.
The CBC published an investigative report that reveals more about this game of digital extortion that is being played by hackers and why the hackers say they did it.
The report also raises questions about notifications in this case:
"CBC News contacted ten patients whose records were included in the provided sample and confirmed they had been patients of CarePartners. Each said they had not been directly notified by CarePartners and were unaware there had been a breach."
