The Hospital for Sick Children in Toronto says most of its priority systems are back after a ransomware attack affected its operations.

Dr. Ronald Cohn, president and CEO of SickKids, says in a release Thursday that about 80 per cent of the hospital's priority systems have been restored.

He says the cyberattack that began on Dec. 18 was dealt with relatively quickly with minimal disruptions to patients and families.

On Saturday, LockBit, a ransomware group the U.S. Federal Bureau of Investigation has called one of the world's most active and destructive, issued a brief apology and offered SickKids a free decryptor to unlock its data.

Cohn says the hospital did not use the decryptor, it has not paid any ransom and its technology team is working to restore the remaining systems.

He says patients and families are unlikely to experience any significant impacts to their care and most of the hospital's clinical teams are no longer using downtime procedures.

“I am very thankful that we have been able to call the Code Grey All Clear relatively quickly with minimal disruptions to patients and families," Cohn said.

"Without the extremely hard work of our staff and expertise of external advisers over the holidays, we would not have been able to lift the Code Grey as efficiently as we have.

"I want to express my deepest gratitude and thanks to our staff, patients, families and community partners for their patience and support, as well as the broader community for the overwhelming offers of assistance and expertise over the past two weeks."

Hospital for Sick Children in #Toronto says most systems back after ransomware attack. #SickKids #Cybersecurity #Cyberattack

Cohn said the investigation into what happened is ongoing.

He said the hospital called the Code Grey when the cybersecurity attack was first discovered on Dec. 18 and initiated its plan to deal with it, including consulting third-party cybersecurity experts.

Cohn said the hospital’s electronic medical records were not affected.

LockBit has been connected to recent cyberattacks on municipalities in Ontario and Quebec, experts say, and a Russian-Canadian citizen was arrested in October for his alleged participation in the group.

U.S. officials allege the group has made at least $100 million in ransom demands and extracted tens of millions from victims.

This report by The Canadian Press was first published Jan. 5, 2023

Keep reading