We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

BORN Ontario Suffers Massive Data Breach

BORN Ontario Suffers Massive Data Breach
Author Image Zane Kennedy
Zane Kennedy Published on 28th September 2023 Former Cybersecurity Researcher

A significant data breach has hit the Better Outcomes Registry & Network (BORN), exposing the sensitive personal and health information of approximately 3.4 million individuals. BORN Ontario, a major perinatal and child registry, collects and shares essential data related to pregnancy, birth, and childhood.

The breach stemmed from a global vulnerability in the MOVEit software used by BORN for secure file transfers. Copies of files containing personal health information were taken from BORN’s systems during the breach.

The data in question includes names, addresses, postal codes, dates of birth, and health card numbers, along with clinical information such as dates of service or care, lab test results, pregnancy risk factors, type of birth, and procedures. The affected data spans from January 2010 to May 2023, mainly involving individuals seeking pregnancy care and newborns in Ontario.

Upon discovering the incident on May 31, 2023, BORN acted swiftly, posting a public notice and informing relevant authorities, including the Ontario Provincial Police and the Information and Privacy Commissioner (IPC) of Ontario. The organization collaborated with cybersecurity experts to isolate the affected server, contain the threat, and ensure its systems were safe to continue operating.

BORN has assured those impacted that there has been no evidence that suggests misuse of the stolen data for fraudulent purposes. Continuous internet monitoring, including the dark web, is being maintained to identify any relevant malicious activity. Furthermore, the registry has ceased using the MOVEit software that led to the breach.

BORN will continue to keep affected individuals informed and has established an “Am I Impacted” web page, covering more details on the breach and the types of care and providers affected. Despite the extensive breach, BORN maintains that no additional steps are necessary for the affected individuals at this time, apart from remaining vigilant towards unusual account activity and unsolicited communications requesting sensitive information.

The incident serves as a critical reminder of the increasing risks posed by cyber vulnerabilities, even in seemingly secure and essential systems such as healthcare registries. It highlights the urgent need for proactive cybersecurity measures to protect sensitive data and maintain public trust.

About the Author

Zane was a Cybersecurity Researcher and Writer at vpnMentor. His extensive experience in the tech and cybersecurity industries provided readers with accurate and trustworthy news stories and articles. He aimed to help individuals protect themselves through informative content and awareness of cybersecurity's crucial role in today's digital landscape.

Please, comment on how to improve this article. Your feedback matters!

Leave a comment

Sorry, links are not allowed in this field!

Name should contain at least 3 letters

The field content should not exceed 80 letters

Sorry, links are not allowed in this field!

Please enter a valid email address