Canadian Armed Forces and RCMP personal information stolen in cyberattack


The data of some Canadian government employees – including current and former members of the Canadian Armed Forces and Royal Canadian Mounted Police personnel – was leaked in a cyberattack on the systems of a government contractor used for services resettlement.

In October, the LockBit ransomware gang claimed to have attacked SIRVA, a global company that provides employee relocation and relocation services. The company’s website was still down as of November 20.

The Treasury Board of Canada Secretariat said in a statement Friday that a cyberattack against the systems of SIRVA and a company she acquired Last year, Brookfield Global Relocation Services (BGRS) disclosed sensitive information of an unknown number of employees who used relocation services as far back as 1999.

The Canadian government has contracts with both companies and said it was informed on October 19 that information they held had been leaked.

“Upon learning of this incident, the government took immediate action to investigate the breach,” they said, noting that the incident was reported to the Canadian Center for Cyber ​​Security, Office of the Privacy Commissioner. private life and the Royal Canadian Mounted Police.

“At present, given the large volume of data evaluated, we cannot yet identify the specific people affected; however, preliminary information indicates that the information disclosed could belong to anyone who used relocation services as far back as 1999 and could include any personal and financial information that employees provided to the companies.

A spokesperson declined to comment on the number of people affected.

The Government of Canada has said it will not wait until the investigation is complete to provide assistance, offering credit monitoring and new passports to those affected. He pledged to communicate more information to those affected in the coming weeks.

Officials are also meeting with representatives from both companies to “monitor progress on the matter” and said this “will continue until we have a full assessment of the breach and its impacts.” They work with companies to identify vulnerabilities that hackers use to hack their systems.

The notice states that those who believe they may be affected should change the login information used for SIRVA and monitor their financial accounts for harmful behavior.

The Canadian Broadcasting Corporation reported in October that the Ministry of National Defense sent an internal notice last month about the incident after several members of the armed forces complained of being unable to complete relocation forms due to the outages.

Internal documents cited by CBC show the company facilitates 20,000 federal moves each year.

Get more information with the

Future saved

Intelligence cloud.

Learn more.

No previous articles

No new articles

Jonathan Greig is a breaking news reporter at Recorded Future News. Jonathan has worked as a journalist around the world since 2014. Before returning to New York, he worked for media outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.

Leave a comment