Canadian health insurer hit by cyber-attack

Canadian not-for-profit health and travel insurance provider the Saskatchewan Blue Cross says it is trying to restore its services following a concerted cyber-attack.

The company said its security team noticed unusual network activity on 20 April and initiated its incident response team, which included shutting down certain key systems and services.

In a statement on its website, Blue Cross said the system outage was caused by a cybersecurity incident.

“We immediately engaged cybersecurity experts to assist us with our investigation, assessment and remediation efforts and to help us restore services as quickly and safely as possible,” said the statement.

“Until our investigation is further along, we are unable to determine with certainty the impact, if any, to our members.”

President and CEO Shelley Vandenberg said she’s won’t know if private information was compromised until cybersecurity experts are able to learn more.

The company said it is committed to getting all the facts and will provide regular and transparent updates as more information is known.

Blue Cross added that it continues to experience a service outage, which is affecting its contact centre and group service centre phone lines, the personal member portal, the individual broker portal and online personal health plan applications.

Vandenburg said there is no timeline on when those services will be restored.

The hit to the Saskatchewan Blue Cross follows Commercial insurance provider CNA Hardy’s announcement last month that it had been hit by a “sophisticated” ransomware attack, which impacted its operations and email system and caused temporary disruption.

Following the attack, which happened on 21 March, the firm issued a statement regarding the online attack on its website:

“On 21 March, CNA determined that it sustained a sophisticated cyber security attack… The attack caused a network disruption and impacted certain CNA systems, including corporate emails.”