A recent cyberattack has led to the exposure of sensitive information belonging to an undisclosed number of Canadian government employees. The hacking incidents, which occurred last month, affected two contractors: Brookfield Global Relocation Services (BGRS) and SIRVA Worldwide Relocation & Moving Services. These contractors provide relocation services to government employees in Canada.
The compromised systems of BGRS and SIRVA contained government-related information dating back to 1999. The affected individuals include members of the Royal Canadian Mounted Police (RCMP), Canadian Armed Forces personnel, and Government of Canada employees. The Canadian government is yet to attribute the incident to a specific group or entity.
The LockBit ransomware gang has taken responsibility for breaching SIRVA’s systems. They have claimed to possess 1.5TB of stolen documents and have leaked some of it. The group also made public the contents of failed negotiations with alleged SIRVA representatives.
Upon discovering the security breaches on October 19th, the Canadian government promptly reported the incidents to relevant authorities, including the Canadian Centre for Cyber Security and the Office of the Privacy Commissioner. Despite ongoing analysis of the compromised data, specific details regarding the number of affected employees and the extent of the breach remain unknown. However, preliminary assessments suggest that individuals who have used relocation services since 1999 may have had their personal and financial information exposed.
To mitigate the potential impact on affected individuals, the Government of Canada is taking a proactive approach. Services such as credit monitoring and reissuing valid passports will be provided to current and former members of the public service, RCMP, and the Canadian Armed Forces who have relocated with BGRS or SIRVA Canada within the past 24 years. More information about these services and how to access them will be provided soon.
In light of the breach, individuals who may be affected are strongly advised to take precautionary measures such as updating their login credentials, enabling multi-factor authentication, and monitoring their online financial and personal accounts for any unusual activity. If unauthorized access is suspected, promptly contacting financial institutions, local law enforcement, and the Canadian Anti-Fraud Centre (CAFC) is recommended.
Frequently Asked Questions (FAQ)
1. What contractors were hacked in the Canadian government data breach?
The contractors that were hacked in the Canadian government data breach are Brookfield Global Relocation Services (BGRS) and SIRVA Worldwide Relocation & Moving Services.
2. What information was exposed in the data breach?
The compromised systems of BGRS and SIRVA contained government-related information, dating back to 1999, belonging to various individuals, including members of the Royal Canadian Mounted Police (RCMP), Canadian Armed Forces personnel, and Government of Canada employees.
3. Who claimed responsibility for the breach?
The LockBit ransomware gang has claimed responsibility for breaching SIRVA’s systems and leaking stolen documents.
4. What actions is the Canadian government taking in response to the breach?
The Canadian government is taking a proactive approach to support potentially affected individuals by offering services such as credit monitoring and reissuing valid passports. Further details regarding these services and how to access them will be provided in the near future.
5. What should individuals do if they suspect unauthorized access to their accounts?
If individuals suspect unauthorized access to their accounts, they should update their login credentials, enable multi-factor authentication, monitor their online financial and personal accounts for unusual activity, contact their financial institution, local law enforcement, and report the incident to the Canadian Anti-Fraud Centre (CAFC) immediately.