The Canadian government has announced that information pertaining to its employees and to military and police personnel was exposed in a data breach at third-party services providers.
The incident involved Brookfield Global Relocation Services (BGRS) and Sirva Canada, two moving and relocation services firms contracted by the Canadian government to provide relocation support to employees.
The government learned of the data breach on October 19, immediately launched an investigation into the matter, and informed the Centre for Cyber Security, the Office of the Privacy Commissioner, and the Royal Canadian Mounted Police.
According to the Canadian government, the data breach impacts the personal information of present and former public service employees, as well as members of the Canadian Armed Forces and Royal Canadian Mounted Police.
“Preliminary information indicates that breached information could belong to anyone who has used relocation services as early as 1999 and may include any personal and financial information that employees provided to the companies,” the government says in an incident notification.
No specific number of affected individuals has been provided yet, and the government says it has yet to identify who was impacted.
Prior to concluding the investigation into the incident, however, potentially impacted individuals are being offered credit monitoring services and the option to be reissued valid passports that might have been compromised.
Individuals who have relocated with the impacted mobility firms during the last 24 years have been advised to change login credentials similar to those used with BGRS or Sirva Canada, enable multi-factor authentication, and monitor their accounts for unusual activity.
“This is an evolving situation and further information will be shared as it becomes available. Current and former employees who have questions should contact their departmental privacy teams,” the Canadian government notes.
While the Canadian government did not share specific details on the cyberattack, the LockBit ransomware gang has already claimed responsibility for it, publishing on its leak site data allegedly stolen from Sirva Canada.
The cybercrime group has made public over 1.5 terabytes of data after negotiations with Sirva allegedly failed.