The provincial government of Nova Scotia recently faced a massive data breach — it’s calling the incident a global cybersecurity issue, yet very few details have been released.
The problem comes from a critical vulnerability found in the file transfer service called MOVEit, which is used to share information like finances, healthcare, and government services by both the public and private sectors. The vulnerability could potentially lead to unauthorized access to a user’s system, according to Reuters, which reported on the breach earlier this week.
While no one knows what happened or the scope of the breach, officials held a news conference on Sunday, when the cabinet minister in charge explained what the government knew. Colton Leblanc, the minister in charge of cybersecurity and digital solutions spoke, informing the public that while there was a large-scale data breach, the extent is still being investigated.
“At this time, staff are manually going through all of the files that were accessed to identify what information was stolen and who it belongs to,” he said. “Until all of this work is complete, we aren’t able to say how many Nova Scotians have been impacted. Today is about telling you about the situation and our response to date. We did not want to wait for all of the answers before we told Nova Scotians what we are dealing with.
“We immediately took the service offline and installed a security update as instructed, then brought the service back online.”
However, the next day the government realized that the investigation needed to continue and the service wasn’t ready for use. It’s since been taken offline again. It also stated that it will launch a website with details, updates, and relevant information for users as well as directly contact those who were affected by the data breach.
“The sad reality of living in a digital world today is that cybercrime is a reality, and there are nefarious actors out there,” Leblanc said.