The Canadian Nurses Association (CNA) openly acknowledges its collaboration with its members in addressing a hacker group’s breach of sensitive data earlier this year.
According to a CNA spokesperson, representing nearly half a million nurses nationwide, the association faced a security incident on April 3. While this incident did not disrupt its operations, it did impact specific systems.
The spokesperson explained, “We initiated an immediate investigation and enlisted reputable third-party experts upon discovery. As a precautionary measure, we promptly notified the appropriate law enforcement authorities.”
The investigation into the incident has since concluded, and we have duly informed affected members. CNA actively engages with its members and closely collaborates with trusted industry partners to implement heightened security measures, safeguarding its systems and preventing future similar incidents.
It’s worth noting that in May, two distinct ransomware groups, Snatch and Nokoyawa, claimed responsibility for the attack. However, on September 1, the Snatch group, now focusing on data exfiltration and extortion without ransomware, leaked 37 GB of data from CNA.
Confusion surrounds the group’s activities since a Telegram channel was created in July by a group with the same name. While the group confirmed to Databreaches.net that ransomware was not used in the attack on CNA, they provided conflicting information in the interview about whether their extortion operation was linked to the longstanding ransomware group.
Later, the group clarified on Telegram that it is distinct from the ransomware gang with the same name. However, DataBreaches.net pointed out that both ostensibly separate groups share the same URL for their leak sites.
