Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Compliance

Millions at Risk After Election Data is Lost in Canada

Two USB drives containing personal information on 2.4 million voters residing in districts within the Waterloo region of Southern Ontario, Canada were lost three months ago, according to recent disclosures from the agency who oversees general elections in Canada.

Offering an explanation as to why Elections Ontario waited so long to release word of the breach, Greg Essensa, their chief electoral officer, said, “I did not want to make an irresponsible public notification or worry Ontarians needlessly.”

Two USB drives containing personal information on 2.4 million voters residing in districts within the Waterloo region of Southern Ontario, Canada were lost three months ago, according to recent disclosures from the agency who oversees general elections in Canada.

Offering an explanation as to why Elections Ontario waited so long to release word of the breach, Greg Essensa, their chief electoral officer, said, “I did not want to make an irresponsible public notification or worry Ontarians needlessly.”

Needless worry or not, the loss of so many records is being hailed as unprecedented by Ontario Privacy and Information Commissioner Ann Cavoukian. In an interview with The Record, she noted that it was a huge number, “larger than the size of most provinces… It is quite massive in its scale.”

The lost USB’s contained names, birthdates, addresses, gender, voting records from the previous election, as well as any other information given out by the voter themselves.

Essensa said that specialized commercial software, as well as internal software used by Elections Ontario would be needed to access the files on the lost devices. However, he didn’t mention how specialized the commercial software was, and that alone does now guarantee that the records cannot be accessed.

“I take this matter extremely seriously and I want to sincerely apologize to all Ontarians for any concern that this notification may cause,” he added.

Voters impacted by the breach are asked to monitor their financial records if they feel the need. The two employees responsible for the loss are no longer employed.

Written By

Click to comment

Expert Insights

Related Content

Audits

Out of the 335 public recommendations on a comprehensive cybersecurity strategy made since 2010, 190 were not implemented by federal agencies as of December...

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Software maker Adobe on Tuesday released security patches for 29 documented vulnerabilities across multiple enterprise-facing products and warned that hackers could exploit these bugs...

Application Security

Big-game malware hunters at Volexity are shining the spotlight on a sophisticated Chinese APT caught recently exploiting a Sophos firewall zero-day to plant backdoors...

Compliance

The Federal Communications Commission (FCC) is proposing tighter rules on the reporting of data breaches by wireless carriers.The updated rules, the FCC says, will...