A ransomware group called Lynx yesterday took credit for a cyber attack on Lakelands Public Health in Ontario, Canada.
On February 3, the public health department announced a cybersecurity incident discovered on January 29, 2026 disrupted internal systems, including phone lines.
On its data leak website, Lynx says it breached Lakelands Public Health and stole confidential data. To prove its claim, Lynx posted sample images of what it says are documents stolen from the department.
Lakelands Public Health has not acknowledged Lynx’s claim, and Comparitech cannot verify the authenticity of the documents. We do not know what data was compromised, if Lakelands Public Health paid a ransom, how much Lynx demanded, or how attackers breached the department’s network. It declined answering Comparitech’s questions due to the ongoing investigation.
“Lakelands Public Health is advising the public that it is currently responding to a cybersecurity incident discovered on January 29, 2026, affecting some of its internal systems,” says Lakeland’s February 3, 2026 update. “Some programs and services may experience temporary disruptions as restoration work continues.”
“Based on what we know to date the systems that house data for infectious disease and clinical appointments have not been impacted. So, we aren’t able to comment on any data compromised to-date or how many impacted,” said LPH communications manager Ashley Beaulac in an email to Comparitech. “We can’t comment on any ransom demand due to the ongoing investigation. What we can say is that our priority is protecting our systems and information, and we’re working closely with law enforcement and external cybersecurity specialists.”
“In the event the investigation determines that any personal or personal health information has been impacted, any affected parties will be contacted accordingly,” she said.
Who is Lynx?
Lynx is a spin-off of Inc, another prominent ransomware group. Lynx operates a ransomware-as-a-service scheme in which affiliates pay Lynx to use its malware and infrastructure to launch attacks and collect ransoms. Lynx’s malware both steals data and encrypts target systems.
Lynx has claimed responsibility for 49 confirmed ransomware attacks since it began in July 2024, plus 361 unconfirmed attack claims that haven’t been publicly acknowledged by the targeted organizations.
The cybercriminal group has launched attacks on seven healthcare providers and 11 government entities. Lynx took credit for the following breaches:
- Community Based Support (Australia) reported an October 2025 data breach
- South African Bureau of Standards reported a November 2024 data breach
- Douglasville-Douglas County Water and Sewer Authority (USA) reported a November 2024 data breach
- Chester County Library System (USA) reported a September 2025 data breach
Ransomware attacks on Canadian government
Comparitech researchers tracked a 31 percent increase in ransomware attacks on Canadian organizations in 2025, from 300 in 2024 to 392 last year. The attack on Lakeland is the first confirmed attack on a Canadian entity in 2026.
In 2025, eight Canadian government entities reported data breaches tied to ransomware attacks:
- Hinton, AB reported a February 2025 data breach claimed by RansomHub
- Fort St. John, BC reported a February 2025 data breach claimed by Inc
- Orangeville, ON reported a February 2025 data breach claimed by BlackSuit
- MRC de Maskinongé, QC reported a March 2025 data breach for which Medusa demanded a $100,000 ransom
- Devon, AB reported a July 2025 data breach claimed by Inc
- Oxford County, ON reported a September 2025 data breach claimed by BrainCipher
- Ville de Mont-Laurier, QC reported an October 2025 data breach claimed by Qilin
- Leduc County, AB reported a December 2025 ransomware attack by unknown hackers
Ransomware attacks on government entities can both steal data and lock down computer systems. They can disrupt any number of government systems from bill payments to court records and even emergency dispatch. Organizations must pay a ransom for the stolen data and to restore systems, or else they face extended downtime, permanent data loss, and putting data subjects at increased risk of fraud.
About Lakelands Public Health
Lakelands Public Health, formerly the HKPR District Health Unit and Peterborough Public Health, provides public health programs and services to residents in Kawartha Lakes, Haliburton County, Northumberland County, and Peterborough. It is publicly owned and operated by the local governments it serves.
