cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

Canadian hospital declares Code Grey cyber security incident, some systems offline

Ross Memorial Hospital in Ontario, Canada has been hit by a “suspected cyber security incident”, causing it to declare a Code Grey emergency.

user icon David Hollingworth
Wed, 08 Feb 2023
Canadian hospital declares Code Grey cyber security incident, some systems offline
expand image

The hospital is not saying much more about the attack, other than that a third party is working with the hospital’s own staff on the matter.

“In the meantime, as high-quality patient care is our priority, we are managing our established protocols to maintain continued delivery of our critical hospital services,” the hospital’s public affairs officer said in a statement. “Our systems restoration plan is also ongoing, and we are communicating with our local, regional, and provincial partners regarding next steps.”

The hospital is urging patients with “less urgent conditions” to look for alternate care options.


Code Grey is a term used in Australian hospitals to respond to violent incidents and threatening behaviour, but in Canada, the term refers to any incident that might compromise a hospital’s normal function, such as a power or telecommunications outage.

While the hospital is being circumspect about the nature of the incident, a local news service is calling the incident a “suspected ransomware attack” and reported that access to medical files and diagnostic systems had been affected.

According to Kawartha 411, patients in the hospital’s emergency department described the situation as “crazy”.

“Patients say staff aren’t able to access the systems needed for treatment and they say even the parking machines aren’t working properly,” the site reports.

Canada’s healthcare system has seen a sharp rise in the number of cyber attacks in the last few months. In December, a LockBit affiliate compromised a number of important systems at the country’s largest children’s hospital, The Hospital for Sick Children — also known as SickKids during a ransomware attack.

In this instance, however, LockBit actually apologised for the attack, claiming that it forbids its affiliates from targeting medical institutions. LockBit provided the hospital with a decryptor to unlock the affected files, and reportedly disavowed the errant hacker.

David Hollingworth

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.

cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.