Malware
Canadian Government Reveals Alarming Data Breach Following Contractor’s Cyberattack
The Canadian government has reported a data breach after a contractor’s systems were hacked. The data, which included sensitive information on over 100,000 individuals, was stolen in late August. The government has since enacted measures to protect affected citizens and is working to improve its cybersecurity infrastructure.
Picture this: You’re a government employee in Canada who’s been relocated to a new city for work. You trust that your personal and financial information is safe in the hands of the contractors managing your move. But then, you find out that not one, but two of these contractors have been hacked, exposing sensitive information for potentially thousands of government employees like you. Scary, right?
Well, that’s exactly what happened last month when both Brookfield Global Relocation Services (BGRS) and SIRVA Worldwide Relocation & Moving Services, providers of relocation services to Canadian government employees, experienced data breaches.
Who’s Been Affected?
The compromised data dates back to 1999 and belongs to a diverse group of individuals, including members of the Royal Canadian Mounted Police (RCMP), Canadian Armed Forces personnel, and Government of Canada employees. The exact number of affected employees is still unknown, but those who have used relocation services since 1999 might have had their personal and financial information exposed.
Who’s Behind the Attack?
While the Canadian government hasn’t officially pointed fingers, the LockBit ransomware gang has already claimed responsibility for breaching SIRVA’s systems. They’ve even leaked what they say are archives containing a whopping 1.5TB of stolen documents. The ransomware group has also made public the contents of failed negotiations with alleged SIRVA representatives, claiming that SIRVA undervalued the worth of their stolen information.
How Has the Government Responded?
Upon learning of the contractor breaches on October 19th, the government quickly reported the incidents to relevant authorities, including the Canadian Centre for Cyber Security and the Office of the Privacy Commissioner. While the analysis of the vast volume of compromised data continues, the government is taking a proactive, precautionary approach to support those potentially affected.
According to a statement published last Friday, services such as credit monitoring or reissuing valid passports that may have been compromised will be provided to current and former members of the public service, RCMP, and the Canadian Armed Forces who have relocated with BGRS or SIRVA Canada during the last 24 years.
What Can You Do to Protect Yourself?
If you’re one of the individuals potentially affected by this data breach, it’s important to take precautionary measures. Start by updating your login credentials, enabling multi-factor authentication, and keeping a close eye on your online financial and personal accounts for any unusual activity. If you suspect unauthorized access to your accounts, contact your financial institution, local law enforcement, and the Canadian Anti-Fraud Centre (CAFC) immediately.
Stay Informed and Stay Safe
As a trusted IT Services provider, we’re here to help you stay informed and protect yourself against cybersecurity threats. Keep coming back to learn more about the latest hacks, breaches, and security tips. Together, we can stay one step ahead of the bad guys.