Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Breaches

Canadian Military, Police Impacted by Data Breach at Moving Companies

Data breach at moving companies impacts Canadian government employees, and military and police personnel.

The Canadian government has announced that information pertaining to its employees and to military and police personnel was exposed in a data breach at third-party services providers.

The incident involved Brookfield Global Relocation Services (BGRS) and Sirva Canada, two moving and relocation services firms contracted by the Canadian government to provide relocation support to employees.

The government learned of the data breach on October 19, immediately launched an investigation into the matter, and informed the Centre for Cyber Security, the Office of the Privacy Commissioner, and the Royal Canadian Mounted Police.

According to the Canadian government, the data breach impacts the personal information of present and former public service employees, as well as members of the Canadian Armed Forces and Royal Canadian Mounted Police.

“Preliminary information indicates that breached information could belong to anyone who has used relocation services as early as 1999 and may include any personal and financial information that employees provided to the companies,” the government says in an incident notification.

No specific number of affected individuals has been provided yet, and the government says it has yet to identify who was impacted.

Prior to concluding the investigation into the incident, however, potentially impacted individuals are being offered credit monitoring services and the option to be reissued valid passports that might have been compromised.

Individuals who have relocated with the impacted mobility firms during the last 24 years have been advised to change login credentials similar to those used with BGRS or Sirva Canada, enable multi-factor authentication, and monitor their accounts for unusual activity.

Advertisement. Scroll to continue reading.

“This is an evolving situation and further information will be shared as it becomes available. Current and former employees who have questions should contact their departmental privacy teams,” the Canadian government notes.

While the Canadian government did not share specific details on the cyberattack, the LockBit ransomware gang has already claimed responsibility for it, publishing on its leak site data allegedly stolen from Sirva Canada.

The cybercrime group has made public over 1.5 terabytes of data after negotiations with Sirva allegedly failed.

Related: Yamaha Motor Confirms Data Breach Following Ransomware Attack

Related: US Organizations Paid $91 Million to LockBit Ransomware Gang

Related: US Government Warns Organizations of LockBit 3.0 Ransomware Attacks

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn how to utilize tools, controls, and design models needed to properly secure cloud environments.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Check Point Software has appointed Nadav Zafrir as Chief Executive Officer

BlackFog has named Brenda Robb as President, John Sarantakes as CRO, and Mark Griffith as VP of Strategic Sales

Former NSA cybersecurity chief Rob Joyce has joined Sandfly Security's Advisory Board.

More People On The Move

Expert Insights