Newfoundland and Labrador Eastern Health Cyberattack Victims Receive Privacy Breach Notification

Approximately 37,800 people have received notification that their privacy was breached in the October 2021 cyberattack on Eastern Health, Newfoundland and Labrador’s largest health authority.

The public was first notified in November 2021 that personal information and personal health information had been compromised during the cyberattack by an unauthorized third party.

In a March 30, 2022, press release, Eastern Health stated that over 200,000 files were taken from a network drive in Eastern Health’s IT environment, a portion of which contain patient information. Employee information was also compromised.

To date, approximately 37,800 people have received notification that their privacy was breached, however Eastern Health expects the number to grow as investigation of the incident continues.

Eastern Health has offered the breach victims credit monitoring and identity theft protection services for a period of two years from the date of enrollment, but no other compensation in relation to the breach.

The Information and Privacy Commissioner has also been informed of the breach.

Class actions addressing cyberattacks, cyber breaches, and failure to protect personal information have been gaining traction in Canadian court rooms, and a number of settlements arising from such breaches have been approved.

If you have had your personal information compromised and would like to speak with our office about possible recourse, please contact our class action team via email at [email protected] or by phoning 902-425-7330.

Back to News & Insights