Back in June, Canadian news outlets provided an update on a ransomware attack on Saskatchewan’s eHealth system that had occurred on December 20, 2019.
Now as the year draws to a close, the government still doesn’t know whether personal information was compromised in the attack. And no, this is not uncommon. It is often very difficult for victims to unequivocally determine what got exfiltrated. David Giles reports:
A forensic investigation found that some files were sent to a suspicious IP address. Those were encrypted during the attack and later restored from backups, officials said.
However, they were unable to accurately determine what information was sent to the IP address.
Read more on Global News.