360,000 warned of vaccine database compromise

The Ontario government has begun notifying some 360,000 people last week that their personal information may have been compromised due to a COVID-19 vaccine database breach last year.

On November 16, 2021, a data breach occurred in the province’s vaccine booking system. Following the breach, Ontario residents reported receiving text messages addressed to either themselves or their relatives, asking them to reply to the messages to receive a cash reimbursement.

The messages sent in the wake of the breach are believed to be phishing attempts. At that time, the office of the Solicitor General had warned Ontarians that the government would never conduct a financial transaction through texts.

Two people were charged in connection to the breach, including an employee of Ontario’s vaccine contact centre, The Canadian Press reported.

In its latest announcement, the Ontario government explained that it takes time to determine the scale and impact of data breaches. The provincial Ministry of Public and Business Service Delivery also added that it continues to have confidence in the vaccine booking system.

“Ontario’s COVID-19 vaccine booking system is regularly monitored and tested as part of the Ministry of Health’s cybersecurity protocols,” the ministry said in a statement.

“We remain confident that the booking system continues to be a safe and secure tool for Ontarians to use.”

The Canadian Press additionally reported that of the 360,000 people affected by the breach, about 95% only had their names and/or phone numbers compromised. At the time of the breach, the government gave assurances that no personal health information was accessed.