Notice of August 2025 Data Security Incident

What Happened and What Information is Involved 

On August 22, 2025, YSSN discovered that an unauthorized third party gained access to our network. Upon discovering this, we took immediate steps to secure our systems. We also engaged third-party cybersecurity experts to investigate the cause and extent of this incident and to oversee our incident response efforts. 

While our investigation found no conclusive evidence that data was accessed or taken without authorization, it could not rule out the possibility that this occurred. Accordingly, it is possible that certain data stored on our systems was accessed or taken without authorization as a result of this incident. This includes information such as names, addresses, dates of birth and email addresses. It may also include information you provided to us in connection with our services, including diagnosis, health card, and social or educational background information.  

What This Means for You 

We have no reason to believe that your information was targeted specifically. We similarly have no evidence that any information that may have been impacted in this incident has been further disclosed or misused for any fraudulent purposes. We are notifying you out of an abundance of caution.  

As general best practices, we recommend you take the following steps: 

  • Never respond to any unsolicited requests for your personal or financial information.  
  • Change your passwords regularly and make sure they are secured with multi-factor authentication whenever possible.  
  • If at any time you believe you have been the victim of fraud or identity theft, contact your local law enforcement agency and file a police report. 
  • Remain vigilant of phishing or spoofing attempts. Spoofing is an impersonation tactic used in phishing campaigns to deceive individuals into thinking that a communication, either a letter or email, came from a trusted source and to leverage that trust to obtain further information or defraud the recipient. 
  • Avoid clicking on links or downloading attachments from suspicious emails. 

What We Are Doing  

We have been working closely with our cybersecurity experts to assess ways in which we can bolster our defences to better against incidents of this nature and have already implemented several enhanced security measures. We will continue evaluating opportunities to improve our security safeguards, where appropriate, on an ongoing basis. We take the privacy and security of the data in our custody very seriously. 

We have also reported this matter to the Information and Privacy Commissioner of Ontario. While no action is required on your part, you have the right to make a complaint to the Commissioner’s office. Instructions for how to do so can be found on their website at https://www.ipc.on.ca/en 

If you have any questions or concerns, please contact Scott Belisle, Privacy Officer, at [email protected]. 

Sincerely, 

Kimberly Thorn 
Executive Director  

© 2026 YSSN. All Rights Reserved.
Website by Wandzilak Web Design
crossarrow-right linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram