A cyber attack on a government contractor has compromised personal data belonging to several Canadian government employees, including current and former Canadian Armed Forces members and Royal Canadian Mounted Police (RCMP) personnel.
The attack targeted the systems of SIVRA, a global provider of employee relocation and moving services. It also impacted Brookfield Global Relocation Services (BGRS), which was acquired by SIVRA last year.
The Treasury Board of Canada Secretariat confirmed in a statement that the government held contracts with both companies and said the breached data “could belong to anyone who has used relocation services as early as 1999.”
The agency’s statement also revealed that the government was notified of the breach on October 19.
“Upon learning about this incident, the government took immediate action to investigate the breach, which involves information held by the companies about current and former Government of Canada employees, members of the Canadian Armed Forces and Royal Canadian Mounted Police personnel,” the statement said.
While the specific number of affected individuals has not been specified, the government warned that the breached data “may include any personal and financial information that employees provided to the companies.”
According to the Treasury Board of Canada Secretariat, affected individuals will be offered credit monitoring and new passports as a precautionary measure. Officials are also meeting with SIRVA and BGRS “on a regular basis” to monitor the issue.
“This is an evolving situation, and further information will be shared as it becomes available,” the statement continued. “Current and former employees who have questions should contact their departmental privacy teams.”
The attack on SIVRA and BGRS occurred last October, with the Lockbit ransomware gang claiming responsibility for the incident.
What are your thoughts on this story? Feel free to comment below.