Security News > 2023 > November > Canadian government discloses data breach after contractor hacks
The Canadian government says two of its contractors have been hacked, exposing sensitive information belonging to an undisclosed number of government employees.
These breaches occurred last month and impacted Brookfield Global Relocation Services and SIRVA Worldwide Relocation & Moving Services, both providers of relocation services to Canadian government employees.
Government-related information stored on compromised BGRS and SIRVA Canada systems dates back to 1999, and it belongs to a broad spectrum of affected individuals, including members of the Royal Canadian Mounted Police, Canadian Armed Forces personnel, and Government of Canada employees.
While the Canadian government has yet to attribute the incident, the LockBit ransomware gang has already claimed responsibility for breaching SIRVA's systems and leaked what they claim to be archives containing 1.5TB of stolen documents.
After being notified of the contractors' security breaches on October 19th, the government promptly reported the breach to relevant authorities, including the Canadian Centre for Cyber Security and the Office of the Privacy Commissioner.
TransForm says ransomware data breach affects 267,000 patients.
News URL
Related news
- HPE notifies employees of data breach after Russian Office 365 hack (source)
- UN aviation agency investigating possible data breach (source)
- Washington state sues T-Mobile over 2021 data breach security failures (source)
- Largest US addiction treatment provider notifies patients of data breach (source)
- STIIIZY data breach exposes cannabis buyers’ IDs and purchases (source)
- EU law enforcement training agency data breach: Data of 97,000 individuals compromised (source)
- Wolf Haldenstein law firm says 3.5 million impacted by data breach (source)
- Otelier data breach exposes info, hotel reservations of millions (source)
- PayPal to pay $2 million settlement over 2022 data breach (source)
- UnitedHealth now says 190 million impacted by 2024 data breach (source)