Dani-Elle Dubé reports:
Arnprior Regional Health says it has been the target of a cyber attack that has breached data dating back to decades ago.
The hospital network confirmed the news via an announcement on its website on Thursday, May 19, adding that it had become aware of the attack on its IT system on December 21.
At this time, there is no further misuse of the data, and the hospital has received assurance that the data has been deleted.
Read more at Ottawa City News
From the reference to assurance of deletion, it sounds like Arnprior paid an extortion demand. The announcement on the site provides a detailed list of what categories of patients may have been impacted. It does not seem to offer any mitigation services, but perhaps that is in notification letters?