HUNTSVILLE ENDS PROBE INTO 2024 RANSOMEWARE ATTACK; STAFF CONTACTING POSSIBLY THOUSANDS WHOSE SENSITIVE PERSONAL INFO MAY HAVE BEEN STOLEN

Cyber hack stole personal information with banking, passport, social insurance, health information, credit card, work, religious, criminal record data 

Mark Clairmont | MuskokaTODAY.com

HUNTSVILLE The Town of Huntsville says its 19-month investigation into a massive ransomware attack that crippled municipal computer systems for more than a month has concluded, confirming that personal information was stolen in the March 10, 2024 breach.

Town staff said the cyber attack forced the shutdown of municipal software, email and operations from March 10, 2024, until late April, when most systems were restored.

Residents whose information was compromised are only now being notified directly by email or letter.

“We have no evidence that any personal information has been offered for sale to third parties.”
— Town of Huntsville

Police have been notified and continue to investigate.

Huntsville town officials say that while a lot of data was stolen, they they don’t believe any of the it was offered to other users. They say police were contacted and are investigating.

In a statement released today, Dec. 8, town officials said the cyberattack locked down its network, software and operating systems until late April, when most services were finally restored.

Officials are now contacting individuals whose personal data was compromised, notifying them directly by letter or email. The town says there is “no evidence that any personal information has been offered for sale to any third parties who may seek to misuse it.”

Police have been notified and are continuing their investigation.

What Information Was Taken

The town says the type of information accessed varies, but may include:

  • Name, date of birth, email, home address
  • Bank account numbers, transit and institution numbers
  • Payment card information
  • Driver’s licence, health card, passport details
  • Social insurance numbers
  • Medical information, including diagnoses and provider records
  • Employment records and compensation
  • Religious preferences
  • Criminal history

Anyone whose sensitive data was found in the compromised files — and for whom the town has contact details — is being notified directly. These notices will not request any personal or financial information, the town emphasizes.

Chief administrative officer Denise Corry says the municipality recognizes the seriousness of the incident.

“We understand how concerning it may be to learn that your information has been compromised. We are making every effort to raise awareness in the community to ensure individuals are informed and can take the appropriate next steps.”

Residents who are not directly contacted but believe they may have provided sensitive information to the Town of Huntsville, Muskoka Heritage Place, the Algonquin Theatre, or Huntsville Public Library are urged to review the precautions listed in the town’s notice and visit priv.gc.ca for further guidance.

Town urges caution as notices go out

Chief administrative officer Denise Corry acknowledged community concern.

“We understand how concerning it may be to learn that your information has been compromised.”
— Denise Corry, CAO

Anyone who previously shared sensitive information with the Town of Huntsville, Muskoka Heritage Place, the Algonquin Theatre or the Huntsville Public Library — but does not receive a notice — is still urged to follow federal privacy-protection steps at priv.gc.ca.

How The Breach Happened

The breach was detected on March 10, prompting the town to immediately shut down its systems, activate its incident response plan, and bring in external cybersecurity experts.

Timeline Box: March 10, 2024 Hack

  • March 10: Breach detected; town initiates emergency cyber protocol
  • Systems taken offline to prevent further exposure
  • External cybersecurity specialists hired
  • Late April: Most services restored

What You Should Do Now

The town says there is still no evidence that any of the stolen personal information has been used fraudulently. Even so, residents are being urged to stay alert:

  • Treat any unsolicited emails, calls, letters or texts claiming to be from the town and requesting personal or financial information as fraudulent.
  • Monitor bank accounts and credit reports for suspicious activity.
  • Report suspected identity theft to local police.
  • Be cautious of phishing and spoofing attempts.
  • Do not click links or download attachments from suspicious messages.
  • Visit priv.gc.ca for additional identity-protection resources.

Residents can call the town’s dedicated incident-response line at 1-888-360-9965, available weekdays from 9 a.m. to 9 p.m.

Questions Already Asked?

Did the town pay a ransom?
The municipality says it cannot comment for security reasons while the investigation continues.

Why should residents trust the town going forward?
Officials say there is no evidence personal data has been misused and that cybersecurity upgrades are being implemented — though evolving threats remain a challenge for all organizations.

Has law enforcement been notified?
Yes. The town is cooperating fully with police investigators.

To Learn More

More information is available at huntsville.ca/cyber.

📧 Contact & Subscription

Email: news@muskokatoday.com

Subscribe: E-transfer $30 to news@muskokatoday.com

Mail: MuskokaTODAY.com, Box 34, Gravenhurst, ON P1P 1T5

Advertise: Email news@muskokatoday.com for rates