What Happened?
On October 31, 2024, BCCHC discovered that an unauthorized party gained access to a portion of our network and deployed malware, rendering several of our Information Technology (IT) systems temporarily inaccessible.

The unauthorized third party deployed malware and, in turn, was able to extract certain client data from our network, including scanned archived client charts and other documents contained on the affected system.

We took immediate steps to contain and secure our systems and launched an investigation into the cause and scope of the incident.  This was done with the assistance of our IT provider and cybersecurity experts.

Through the investigation, BCCHC became aware that certain data was extracted from our network by the unauthorized third party, including archived client data in the form of scanned patient charts, among other documents.

How am I Affected?
If you are have received services from BCCHC, you may have been impacted by this incident.  It is possible that the following personal information of yours may have been included in the data extracted during the incident: Name, Address, Emergency contact information, Date of birth, Health card number, Test results and Care plan. 

The type of personal information impacted may vary based on the nature of the service or program you received at BCCHC.

What We Are Doing
Data privacy is of utmost importance to BCCHC. We began working with cybersecurity experts immediately after discovering the information breach to isolate the affected systems, contain the threat, investigate the full scope of the incident and to ensure our systems were safe to continue our operations.

We have taken additional measures to further strengthen our security controls to limit the potential of this type of incident happening again. We are also working with cybersecurity experts to incorporate any lessons learned from this incident.

We have notified the Information and Privacy Commissioner of Ontario and reported this incident to law enforcement.

At this time, there is no evidence that any of the data involved in this incident has been misused for fraudulent purposes. We continue to monitor the internet, including the dark web, for any activity related to this incident.  If we become aware of any misuse of our information, we will provide you with an update.

We have consulted cybersecurity experts and determined the type of information affected has a minimal risk of encouraging identity theft or fraud.

What do I do now?
There are no additional steps you need to take.

It is important to always remain vigilant in protecting your information by monitoring your online accounts and reporting any unusual activity to the police and service providers.

A reminder that we only request confidential information from you in-person or through the use of secure software and only after receiving consent from you to receive e-mail communication from us.

You have a right to file a complaint with the Information and Privacy Commissioner of Ontario (IPC). To do so, you can visit the IPC’s website and complete the complaint form or email the form to complaints@ipc.on.ca. You may also mail the completed form to:

Registrar, Information and Privacy Commissioner/Ontario

1400-2 Bloor Street East, Toronto, Ontario, M4W 1A8

For more information, you may contact the IPC by telephone (416-325-7539) or email (info@ipc.on.ca).

Contact Us
If you have any further questions not addressed by this communication, please contact us at

437-604-1590, or at privacy@bcchc.com.

We remain committed to providing you with the highest quality of services at BCCHC.