Unknown number of British Columbians' personal information for sale online after health company extorted
CTV News has learned the personal information of British Columbians has been leaked online, with an unknown number of people and agencies potentially still vulnerable, after a data breach at a mental health services provider.
Homewood Health, headquartered in Ontario with services and contracts across Canada, acknowledges it was hacked earlier this year and has recently begun contacting affected companies and agencies whose information may be compromised, including BC Housing, TransLink and the Provincial Health Services Authority.
CTV News has confirmed at least some of the information leaked online is authentic, though the bulk of the data is still on the auction block at Marketo, a site that describes itself as a "leaked data marketplace."
There appear to be hundreds of bids from prospective buyers.
“With the assistance of cybersecurity experts, we have been working diligently to understand how the information was obtained and what information has been affected,” wrote a Homewood Health spokesperson, blaming the breach on state-sponsored Chinese hackers, called Hafnium, who victimized thousands of companies earlier this year. “To date, neither Homewood Health nor its third-party cybersecurity experts have been able to find any evidence of any unauthorized access to any of Homewood Health’s client application systems.”
The company would not estimate how many people’s information could be compromised, insisting that while it was notifying affected individuals as quickly as possible, “this process will take time.” Homewood provides services ranging from career and family counselling to mental health and addiction support, and operates retreats for extended stays.
B.C. AGENCIES NOTIFIED OF DATA BREACH
BC Housing appears to be the agency most impacted thus far.
Personal information of hundreds of employees has already been leaked online as a “teaser” or sample of the kind of material the hackers possess, which they provide to try to verify the authenticity and value of the rest of the data package.
“We are very concerned that Homewood Health documents containing the personal information of our employees, and potentially their family members, have been compromised in a data incident,” wrote a spokesperson. “It is Homewood Health that was breached, and they must take steps to protect all those involved.”
The agency, which is focused on providing and running affordable and supportive housing, goes on to say that it's still waiting for critical information from Homewood Health, including how many people and how much information could be involved – and what kind of supports it will be providing for impacted employees.
The sample package also includes a contract between Homewood and TransLink, plus a document updating a previous agreement with BC Clinical Support Services, which is overseen by PHSA.
“We have been in communication with Homewood Health and they have assured us that there was no PHSA employee/patient information included in the breach they are managing,” wrote a spokesperson. “This contains purely contractual information and does not contain any personal information.”
TransLink said it was aware of the information for sale.
“This agreement does not contain any personal information of employees of TransLink or any of its subsidiaries,” it said in an email. “We have since been in contact with Homewood Health, and given that this is their active investigation, we will direct all questions to them."
A Homewood Health representative said the hackers had tried to extort the company over the information, characterizing it as a “dark web” scheme, but the Marketo website can be accessed by anyone with an internet connection.
“This isn't only on the dark web, Marketo group's site exists on the clear web too, so it's very easily accessed," explained online threat analyst Brett Callow, who works for Emsisoft on Vancouver Island. “These types of incidents are extremely common and there are about 2,500 organizations that have had their data stolen and published on sites like this -- and that just within the last couple of years."
THE HACKERS SPEAK UP
Marketo, which has the same name as an online marketing company by Adobe but bears no connection, calls itself a “leaked data marketplace” but it’s perhaps more accurate to describe it as an online clearinghouse for stolen information. The first and most prominent listing currently on its website is for Homewood Health, and it shows that 289 bids have purportedly been made for the information so far.
When CTV News contacted the site, a representative countered Homewood’s description of events, insisting they researched the weaknesses of Homewood Health and other companies and attacked them directly, and did not acquire the data as part of the Hafnium hack.
“I got to say it right away that we just sell company data. We do not have the intention to harm customers or clients of this company,” wrote a spokesperson identifying themselves as Mannus Gott. “If the company understands and is willing to accept responsibility for the leak, there will be no publication. Otherwise, we are not responsible for the safety of this data.”
They say on Thursday, some of the data will be sold and the rest will be published.
Homewood says it has contacted police and has hired its own investigators and experts to advise them.
While extortion and blackmail of companies facing data breaches have become more and more common, they can be shocking and stressful for individuals caught up in the scheme.
"They should be reasonably concerned,” said Callow, suggesting they contact their banks to warn them if notified by Homewood. “The data that's out there could potentially be used for data theft and given the type of information Homewood may own, it could potentially be used to blackmail individuals as well, or attempt to."
Callow pointed out that companies that have been breached will typically pay for customers to have monitoring in place after such a breach, adding this should be a reminder for individuals, companies and other organizations to take the utmost care in safeguarding their information, including applying patches and updates and opting for multi-factor authentication whenever available.