A cybersecurity threat analyst said eHealth Saskatchewan was too quick to promise that personal data was secure — and not quick enough to disclose the discovery that it might have been compromised in a ransomware attack. In early January, CEO Jim Hornell said confidential medical information was secure following a cyber infiltration at eHealth. Absence of evidence isn't evidence of absence," said Brett Callow, a B.C.-based threat analyst for international cyber security firm Emsisoft. In January, Hornell told CBC that antivirus software had begun to issue alerts on Jan. 5 and then on Jan. 6 employees were asked for bitcoin in exchange for encrypted files. However, Hornell told CBC News in February the virus had actually entered the system in December — not January, as he first indicated.

Source: CBC News February 11, 2020 01:07 UTC