Employee pay system at Windsor Regional Hospital offline since ransomware attack began

The employee payment system at Windsor Regional Hospital (WRH) has been shut down since the ongoing cyberattack began across five southwestern Ontario hospitals more than a week ago.

Ransomware attacks involve hackers threatening to publish sensitive data or block access to it unless a ransom is paid. 

In a memo to staff, seen by CBC News, the hospital says staff will be paid, but pay may not be fully accurate.

And in a second memo, the hospital confirms that employee personal and professional information is among the data affected by the ransomware attack.

The attack has forced the hospital to manually process payroll.

“Minor pay errors discovered on the November 2 pay will be corrected as soon as possible once full payroll system functionality is restored and stable,” one memo stated.

On Tuesday, TransForm, the hospitals’ IT service provider, confirmed its network had fallen prey to a ransomware attack. 

Interpol, FBI and OPP are among the law enforcement agencies now assisting with the investigation.

The affected hospitals — Windsor Regional Hospital, Erie Shores HealthCare, Hôtel-Dieu Grace Healthcare, Bluewater Health and Chatham-Kent Health Alliance — have had to reschedule and postpone surgeries and appointments.

Radiation treatments for cancer patients at WRH are also being transferred to other hospitals.

LISTEN | Ransomware attack at five Ontario hospitals discussed on Windsor Morning:

The second memo encouraged staff to sign up for credit monitoring and identity theft protection.

“We strongly encourage each of you to take advantage of this offering,” it said. 

“You do not have to pay for it, and it can be instrumental in identifying any potentially fraudulent activity.