Ontario child registry BORN reports MOVEit related data breach, impacting 3.4 million people

published: Sept. 25, 2023

Learn More

The Better Outcomes Registry & Network (BORN), a government-funded healthcare organization, has reported a data breach affecting a significant number of individuals. The breach was a result of an  attack targeting organizations worldwide by exploiting a  vulnerability in the Progress MOVEit Transfer software. BORN focuses on perinatal and child registry, gathers, analyzes, shares, and safeguards vital data related to pregnancy, birth, and childhood within Ontario.

The breach was detected by BORN on May 31. They also the expertise of cybersecurity professionals to isolate affected servers and contain the threat, ensuring that their operations could persist.

Approximately 3.4 million individuals, mostly newborns and pregnancy care patients who received BORN services from January 2010 to May 2023, had their sensitive information compromised.

The exposed data include:

  • names,
  • home addresses,
  • postal codes,
  • dates of birth,
  • health card numbers.

Depending on the care provided by BORN, additional information such as

  • dates of service/care,
  • lab test results,
  • pregnancy risk factors,
  • type of birth,
  • procedures,
  • pregnancy,
  • birth outcomes

may have also been exposed.

BORN established a web page outlining the impact of the incident on affected individuals and the data stolen. Despite confirming the breach, BORN clarified that as of now, there's no evidence of the stolen data being circulated on the dark web or being misused for fraudulent purposes. They continue to monitor the internet, including the dark web, for any such activity.

Individuals potentially impacted by this breach are advised to exercise caution with incoming communications, especially unsolicited messages requesting sensitive data.

Ontario child registry BORN reports MOVEit related data breach, impacting 3.4 million people