Nova Scotia has decided that individuals whose less sensitive information was compromised during the MOVEit data breach will not receive credit monitoring and fraud protection coverage due to “a very low risk of identity theft or fraud.”
In a fresh update, the province said it plans to send out a new round of notification letters to individuals whose personal information was compromised in the global cybersecurity breach involving the MOVEit file transfer system.
This phase of notifications will target individuals whose stolen information is deemed less sensitive, such as names, addresses, license plate numbers, and email addresses.
“We made the decision about offering credit monitoring and fraud protection carefully, considering best practice,” said Cyber Security and Digital Solutions Minister Colton LeBlanc. “We have also discussed this and other issues with the Office of the Information and Privacy Commissioner as we move forward with our breach response.”
The province is nearly done sending notification letters to people whose sensitive personal information was compromised. It has sent letters offering credit monitoring services to approximately 81,000 civil servants, Nova Scotia Health and IWK Health employees, and others.
An additional 44,000 certified teachers are expected to receive their notification letters soon, according to the update.
“I know many people are worried about the potential for identity theft and fraud,” added LeBlanc. “I encourage all Nova Scotians, whether they’ve been impacted by this breach or not, to take steps to keep themselves cyber safe. Unfortunately, these incidents are becoming a reality in the digital age, and it’s up to us all to take steps to protect ourselves.”
Government officials previously reported that over 100,000 people in Nova Scotia had their data compromised after hackers targeted the popular MOVEit file transfer system.
Organizations all over the world were also impacted by the breach, including insurance provider Genworth, which reported that millions of its customers and agents had been affected through a third-party vendor.
This week, Sun Life announced that the personal data of some of its US customers were compromised in the MOVEit data breach.
A notice by Sun Life US said the company doesn’t use the MOVEit service but that one of its vendors, Pension Benefit Information, was impacted by the global attack.
“We take information security very seriously at Sun Life and are conducting our own investigation alongside PBI to confirm what data was involved,” the notice from Sun Life US said. “We know that protecting member data is important, and regret that this happened. Working with PBI, in the coming weeks, we will notify members whose personal information was affected.”
What are your thoughts on this story? Feel free to comment below.