Hackers breached the Canadian government, stealing the data of over 24 million employees dating back to 1999.
Over 1.5 TB of data was breached when the Lockbit hacker group exploited Brookfield Global Relocation Services (BGRS) and SIRVA Worldwide Relocation & Moving Services. Both organizations dealt with employee relocation services and had many contracts with present and former government employees.
The hack also affected members of the Canadian Armed Forces and Royal Canadian Mounted Police personnel. Due to the amount of stolen data, the Canadian government can’t tell which specific individuals were affected by the breach.
However, a recent press release outlined the severity of the stolen info.
“Breached information could belong to anyone who has used relocation services as early as 1999 and may include any personal and financial information that employees provided to the companies,” reads a release from the Treasury Board of Canada Secretariat.
Since the data was stolen by the Lockbit gang, we can assume it will be used for some type of blackmail or ransom in the future. The Lockbit gang wages aggressive campaigns in Canada and comprises 22% of the country’s ransomware attacks, according to a study conducted in June.
“On October 19th, 2023, BGRS informed the Government of Canada of a breach involving Government of Canada information held by BGRS and SIRVA Canada system,” the report said. “This message is intended to outline the steps the Government of Canada is taking to respond to this situation.”
They immediately reported the breach to the Canadian Centre for Cyber Security, the Office of the Privacy Commissioner, and the Royal Canadian Mounted Police to help launch a full investigation.
Various government agencies are monitoring BGRS and SIRVA for suspicious activity until they have a full assessment of the breach and its severity. The government is also providing free credit monitoring for anyone whose identity may have been compromised (as well as reissuing passports).
“The Government of Canada is not waiting for the outcomes of this analysis and is taking a proactive, precautionary approach to support those potentially affected,” the release said.