Toronto hospital network issues ‘grey coding’ as digital systems shut down

University Health Network issued a “grey code” — a hospital code for a system failure — but released few other details about what happened. Doug Ives/The Canadian Press

A major Toronto hospital network said its digital systems went down Monday and is working to investigate the cause of the outage.

University Health Network issued a “grey code” — a hospital code for a system failure — but released few other details about what happened.

“UHN is experiencing outages in our digital systems across our networks,” spokeswoman Gillian Howard said.

Currently, clinical areas use “stay procedures,” she said.

The UHN outage came after the Toronto Hospital for Sick Children issued a “code gray” last month when a ransomware attack affected its operations.

Last week, the children’s hospital said 80 percent of its priority systems had been restored and it had not paid any ransom.

LockBit, a ransomware group that the US Federal Bureau of Investigation has called one of the most active and destructive in the world, has apologized for a hack allegedly carried out by one of its partners.

He suggested using a decryptor, but SickKids said he didn’t use it while their technology team was restoring its systems.

Meanwhile, Scouts Canada recently came under cyberattack on its “MyScouts” database, which helps run programs across the country. The system remains down, although Scouts Canada said only a small number of users were directly affected.

While it’s unclear what caused the latest UHN hospital outage, a research firm said data shows cyberattacks in Canada increased 20 percent last year.

Check Point Research said healthcare, finance and government industries were the hardest hit in 2022.

Ontario’s cybersecurity expert panel concluded in a September report that the broader public services sector needs more work to achieve “cyber maturity.”

The panel said that “cyber-related initiatives are happening in parallel across sectors without a centrally coordinated strategy or model.”

He suggested the province “strengthen existing governance structures to enable effective cybersecurity risk management” in the broader public service sector.