Canadian Government Data Breach: LockBit Ransomware Attack
The Canadian government has revealed a data breach resulting from contractor hacks that exposed sensitive information. The Canadian government data breach, which occurred last month on October 19, exposed sensitive information belonging to an undisclosed number of employees.
The affected entities include Brookfield Global Relocation Services (BGRS) and SIRVA Worldwide Relocation & Moving Services, both of which provide location services to government workers.
The Canadian government, upon discovering the breach, swiftly initiated an investigation into the matter. The compromised information involves data held by the two companies regarding current and former employees, members of the Canadian Armed Forces, and Royal Canadian Mounted Police personnel.
Authorities have reported the Canadian government data breach to the Canadian Centre for Cyber Security, the Office of the Privacy Commissioner, and the Royal Canadian Mounted Police (RCMP).
Canadian government data breach decoded
While specific details about the impacted individuals remain undisclosed, preliminary information suggests that the breached data in this cyberattack on the Canadian government could pertain to anyone who has utilized relocation services as early as 1999.
This potentially includes personal and financial information provided by employees to the relocation service companies. The LockBit ransomware group has claimed responsibility for breaching SIRVA’s systems, leaking archives containing approximately 1.5TB of stolen documents.
In response to the breach, the Government of Canada is taking a proactive and precautionary approach. It is not waiting for the complete analysis of the incident outcomes and is offering services such as credit monitoring and reissuing valid passports to potentially affected individuals.
This assistance extends to current and former members of the public service, RCMP, and the Canadian Armed Forces who have relocated with BGRS or SIRVA Canada in the last 24 years.
Resistance against cyberattack on the Canadian government
Regular meetings with BGRS and SIRVA Canada are being held to monitor progress on resolving the issue. The government is committed to conducting a full assessment of the Canadian government data breach and its impacts, ensuring that any vulnerabilities contributing to the situation are addressed by the relocation service providers.
Meanwhile, individuals who may be affected are urged to take precautionary measures to safeguard their financial and personal information online. Recommendations include updating login credentials, enabling multi-factor authentication (MFA) on relevant accounts, and monitoring financial and personal online accounts for any unusual activity.
The government advises individuals to report any unauthorized access to personal or financial accounts promptly to their financial institution and local police. The cyberattack on the Canadian government has been attributed to the LockBit ransomware group, known for its ransomware-as-a-service (RaaS) operations.
Active for over four years, the group has extorted around US$91 million since 2020, according to the US Government. LockBit was identified as the most active global ransomware group and RaaS provider in 2022, impacting organizations worldwide.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
