Security News > 2023 > November > Canadian government discloses data breach after contractor hacks

The Canadian government says two of its contractors have been hacked, exposing sensitive information belonging to an undisclosed number of government employees.
These breaches occurred last month and impacted Brookfield Global Relocation Services and SIRVA Worldwide Relocation & Moving Services, both providers of relocation services to Canadian government employees.
Government-related information stored on compromised BGRS and SIRVA Canada systems dates back to 1999, and it belongs to a broad spectrum of affected individuals, including members of the Royal Canadian Mounted Police, Canadian Armed Forces personnel, and Government of Canada employees.
While the Canadian government has yet to attribute the incident, the LockBit ransomware gang has already claimed responsibility for breaching SIRVA's systems and leaked what they claim to be archives containing 1.5TB of stolen documents.
After being notified of the contractors' security breaches on October 19th, the government promptly reported the breach to relevant authorities, including the Canadian Centre for Cyber Security and the Office of the Privacy Commissioner.
TransForm says ransomware data breach affects 267,000 patients.
News URL
Related news
- HPE notifies employees of data breach after Russian Office 365 hack (source)
- GrubHub data breach impacts customers, drivers, and merchants (source)
- Fintech giant Finastra notifies victims of October data breach (source)
- US drug testing firm says data breach impacted 3.3 million people (source)
- US drug testing firm DISA says data breach impacts 3.3 million people (source)
- Background check, drug testing provider DISA suffers data breach (source)
- Data breach at Japanese telecom giant NTT hits 18,000 companies (source)
- PowerSchool previously hacked in August, months before data breach (source)
- Western Alliance Bank notifies 21,899 customers of data breach (source)
- Sperm donation giant California Cryobank warns of a data breach (source)