Nearly 326,800 patients at five hospitals in Southwestern Ontario are expected to receive letters next week indicating that their information may have been compromised during the October 2023 cyberattack.

The attack – previously claimed by a group called Daixin Team – affected the shared IT provider for Windsor Regional Hospital, Hotel-Dieu Grace Healthcare, Erie Shores Healthcare, Chatham Kent Health Alliance, and Bluewater Health.

Senior officials from all five hospitals announced this statement on Wednesday, noting that the cyberattack on TransForm Shared Services led to varying levels of information breaches at each institution.

The number of patients expected to receive written notice that their information was somewhat compromised is:

Erie Shores Healthcare: 102,000.

 Bluewater Health, 82,000.

 Chatham Kent Health Alliance: 69,000.

 Hotel-Dieu Grace Healthcare: 46,000.

 Windsor Regional Hospital: 27,800.

At Windsor Regional Hospital, the stolen data primarily consists of patient names, room numbers, general diagnoses, and other admission-related information.

CEO David Musyj said on Wednesday that patient health records, social insurance numbers, and bank account information were not compromised at Windsor Regional Hospital.

Musyj explained: "Overall, from a patient lens, systems have largely been restored at Windsor Regional Hospital - [except] some ancillary systems." "We have to make sure when restoring these systems that security is verified by a third party."

One of the hospitals that experienced theft of patients’ social insurance numbers is Bluewater Health, where nearly 20,000 of its patients were compromised.

The President and CEO of Bluewater Health said the cyberattack mainly affected diagnostic imaging labs and testing "and our ability to deliver reports to our community healthcare providers."

Paula Rium Zimmer said: "We have nearly 9,000 diagnostic images [scanned]. Any CT scans, X-rays, MRIs. All those individual appointments have been rescheduled and those individuals are now expected to attend their appointments."

Zimmer added that Bluewater Health expects to open a mobile MRI unit in about six weeks which "will prioritize patients currently on the regional MRI waitlist."

According to Christine Kennedy, CEO of Erie Shores Healthcare, the cyberattack primarily targeted administrative reports from a restricted shared drive.

In some cases, the reports included patient names. However, other cases resulted in a breach of "a range of information," such as addresses, birthdates, health card numbers, and "general reasons for patient visits."

Kennedy said: "Social insurance numbers or financial information were not part of our patients’ breach," adding that medical records were also not accessed at the hospital based in Leamington.

When asked whether the five hospitals would move away from their IT provider, Kennedy said they remain committed to restoring TransForm.

She did not disclose details about the security improvements being made to prevent future cyberattacks, noting that this is currently a "legal matter in courts."

Kennedy added: "We have actively participated in developing cybersecurity as with our many hospitals across the province, and continue to do so and will keep doing so."

At Chatham Kent Health Alliance, President and CEO Lori Marshall said some of the information they lost included patient names, addresses, treatment information, diagnoses, and appointment dates.

Marshall said: "To be clear, very few health card numbers were stolen," without specifying the exact number.

According to Marshall, who said CKHA patients' social insurance numbers were not affected by the cyberattack, critical systems related to diagnosis and treatment have been fully restored.

She added that back-office systems, which include non-clinical functions such as human resources and finance, have been fully restored.

She said: "Work is ongoing at CKHA hospital to restore remaining subsystems, both clinical and administrative. We expect most of these to be completed before the end of June 2024."

Hotel-Dieu Grace Healthcare experienced theft of patient names, birthdates, care locations, program details, diagnosis, treatment information, and health card numbers as a result of the cyberattack, according to HDGH President and CEO Bill Marra.

Marra said: "Most system restorations have been completed... recently, our financial and security systems have been brought online, leading to more normal operations."

A claim statement obtained by CTV News in November 2023 showed all five hospitals face a $480 million class-action lawsuit alleging the hospitals failed to adequately protect patient records.