Third-Party Data Breach Affecting Canadian Government Could Involve Data From 1999
Connor Jones reports via The Register: The government of Canada has confirmed its data was accessed after two of its third-party service providers were attacked. The third parties both provided relocation services for public sector workers and the government is currently analyzing a "significant volume of data" which could date back to 1999. No formal conclusions have yet been made about the number of workers impacted due to the large-scale task of analyzing the relevant data. However, the servers impacted by the breach held data related to current and former Canadian government staff, members of the Canadian armed forces, and Royal Canadian Mounted Police workers -- aka Mounties. "At this time, given the significant volume of data being assessed, we cannot yet identify specific individuals impacted; however, preliminary information indicates that breached information could belong to anyone who has used relocation services as early as 1999 and may include any personal and financial information that employees provided to the companies," a government statement read. Those who think they may be affected are advised to update any login details that may be similar to those used to access BGRS or Sirva's systems. Enabling MFA across all accounts that are used for online transactions is also advised, as is the manual monitoring of personal accounts for any potential malicious activity. Work is currently being carried out to identify and address any vulnerabilities that may have led to the incident, according to the statement.
Read more of this story at Slashdot.