Canada’s RCMP, Global Affairs Hit by Cyberattacks

Canadian authorities on Monday were scrambling to respond to cyberattacks targeting the Royal Canadian Mounted Police (RCMP) and Global Affairs Canada.

The attack on RCMP’s network was disclosed on Friday but, as of Monday, the RCMP was still “actively managing a cyber event,” an RCMP spokesperson told SecurityWeek.

The RCMP did not share details on the nature and extent of the attack, saying that it was working with partner Canadian government agencies “to continue assessing the breadth and scope of the security breach and hold those responsible accountable.”

According to the RCMP, the attack did not impact its operations, nor the safety and security of Canadians and RCMP partners. Over the weekend, however, RCMP’s website was briefly unavailable.

“While a breach of this magnitude is alarming, the quick work and mitigation strategies put in place demonstrates the significant steps the RCMP has taken to detect and prevent these types of threats,” RCMP said.

On Monday, the Office of the Privacy Commissioner (OPC), which confirmed last week it was aware of the RCMP incident, announced that it was investigating a data breach resulting from a cyberattack on Global Affairs Canada’s internal network.

“The personal information of users, including employees, was compromised after unauthorized individuals accessed the department’s virtual private network (VPN),” OPC said.

According to the OPC, the investigation was launched after receiving multiple complaints about the incident.

“[The investigation] will examine the adequacy of the safeguards that are in place to protect personal information and assess compliance with the Privacy Act, which applies to federal departments and agencies,” OPC said.

It is unclear whether the RCMP and Global Affairs Canada incidents are related but more information is expected to become available as the investigations advance.

Related: 230k Individuals Impacted by Data Breach at Australian Telco Tangerine

Related: Prudential Financial Discloses Data Breach

Related: Bank of America Customer Data Stolen in Data Breach