College of Nurses of Ontario investigating ‘cybersecurity incident’

It's currently unclear whether the personal information of the college's nearly 200,000 members has been compromised


The College of Nurses of Ontario (CNO), the province’s regulatory body for nurses, has experienced a “cybersecurity incident.”

In a statement posted to its website, CNO says it’s investigating the incident but has not yet provided specific details. Therefore, while the extent of the breach remains unclear, it could have compromised the personal information of the CNO’s nearly 200,000 members.

“The CNO is seeking to determine whether personal information was compromised as a result of the incident,” the college said in the statement. Having said that, the college confirmed that the incident occurred on September 8th, while members were only informed the morning of September 17th. It’s unclear why there was a nearly 10-day period between the discovery and public communication of the breach.

In it statement, the CNO simply noted that some services are temporarily unavailable as it continues its investigation, such as the public register Find a Nurse, the nurse renewal portal Maintain Your Membership, and the portal for applicants.

Speaking to CBC News, Vicki McKenna, president of the Ontario Nurses Association (ONA), criticized the CNO for not being more transparent about the incident.

“Thousands of nurses in this province won’t even know that this is taking place because you have to go to the website to find out, and this is our regulatory body, which holds a lot of personal information about each of its members,” she said.

Michael Hurley, the regional vice-president for CUPE, the group that represents Ontario’s registered practical, also told CBC News that the government “needs to get on the College of Nurses” to ensure the incident is immediately known to members so they can “can protect themselves and their identities.”

Image credit: CNO

Source: CBC News