Security News > 2023 > November > Canadian government discloses data breach after contractor hacks
The Canadian government says two of its contractors have been hacked, exposing sensitive information belonging to an undisclosed number of government employees.
These breaches occurred last month and impacted Brookfield Global Relocation Services and SIRVA Worldwide Relocation & Moving Services, both providers of relocation services to Canadian government employees.
Government-related information stored on compromised BGRS and SIRVA Canada systems dates back to 1999, and it belongs to a broad spectrum of affected individuals, including members of the Royal Canadian Mounted Police, Canadian Armed Forces personnel, and Government of Canada employees.
While the Canadian government has yet to attribute the incident, the LockBit ransomware gang has already claimed responsibility for breaching SIRVA's systems and leaked what they claim to be archives containing 1.5TB of stolen documents.
After being notified of the contractors' security breaches on October 19th, the government promptly reported the breach to relevant authorities, including the Canadian Centre for Cyber Security and the Office of the Privacy Commissioner.
TransForm says ransomware data breach affects 267,000 patients.
News URL
Related news
- Data breach at Japanese telecom giant NTT hits 18,000 companies (source)
- PowerSchool previously hacked in August, months before data breach (source)
- Western Alliance Bank notifies 21,899 customers of data breach (source)
- Sperm donation giant California Cryobank warns of a data breach (source)
- Pennsylvania education union data breach hit 500,000 people (source)
- StreamElements discloses third-party data breach after hacker leaks data (source)
- Texas State Bar warns of data breach after INC ransomware claims attack (source)
- Food giant WK Kellogg discloses data breach linked to Clop ransomware (source)
- The quiet data breach hiding in AI workflows (source)
- Hertz confirms customer info, drivers' licenses stolen in data breach (source)