Ransomware’s latest victim: a child welfare authority

By Jason Contant | November 25, 2019 | Last updated on October 30, 2024
2 min read

HEADINGLEY, Man. – An Indigenous child welfare authority in Manitoba has called in the RCMP after being hit by a cyberattack that’s corrupted its computer files and potentially compromised the privacy of its clients.

Southern First Nations Network of Care spokesman Jim Compton said the organization’s IT department has been trying to restore service since its computers shut down on Thursday.

“It’s something called ransomware and it’s encrypted our files so that they’re unusable,” Compton said in an interview Sunday. “Our IT department was looking into it and after a few days of trying to get it up, this is what they tell us.”

RCMP confirmed their Integrated Technological Crime Unit has been made aware of the incident and is investigating.

Southern First Nations Network of Care is one of four authorities in Manitoba that manages child and family services. It represents 10 different agencies, although Compton has said the cyberattack has not affected all of them.

On Sunday, Compton said they weren’t able to connect to the internet at the authority’s office, and staff were trying to figure out how to provide services this week.

“There is a contingency plan that will basically have to set up shop somewhere in a boardroom and do it from there. At this point it would probably have to be manual for a lot of the claimants, the foster families, etc.,” Compton said.

The Manitoba government said in a news release that it has offered technical support and other resources to the authority and other partners in child welfare, as needed.

The province, which the release said was advised of the issue late Friday, is also limiting remote access to its computer systems to ensure security until the problem is resolved.

“It is critical the (authority) co-operate with the province in responding to this urgent situation and that it accept the mitigation support that has been offered by the province,” the news release said.

The government said the Southern First Nations Network of Care is still determining the extent of information that may have been at risk. It said that in addition to the RCMP, the Canadian Centre for Cyber Security is aware of the situation and is investigating.

Department officials, the province said, have notified the other three authorities of the attack and have been working together to continue delivering service.

It said that child welfare staff, including foster-care providers, who may be directly affected by the situation and require immediate child protection services, should contact their CFS agency by phone or call the provincewide toll-free intake line.

This report by The Canadian Press was first published Nov. 24, 2019.

Jason Contant