Canadian Government’s Data Security Compromised Affecting its Contractors

Written by Andrew Doyle

November 21, 2023

Canadian Government's Data Security Compromised Affecting its Contractors

In a recent cybersecurity incident, the Canadian government has reported that two of its contractors, Brookfield Global Relocation Services (BGRS) and SIRVA Worldwide Relocation & Moving Services, fell victim to a cyber-attack, compromising sensitive information of undisclosed government employees.

Canadian Government's Data Security Compromised Affecting its Contractors

Scope of Breach and Affected Parties

The breaches, occurring last month, have exposed government-related information stored on compromised BGRS and SIRVA Canada systems dating back to 1999. This information encompasses a diverse group of individuals, including members of the Royal Canadian Mounted Police (RCMP), Canadian Armed Forces personnel, and Government of Canada employees.

LockBit Ransomware Group Claims Responsibility

While the Canadian government has yet to officially attribute the incident, the LockBit ransomware gang has asserted responsibility for breaching SIRVA’s systems. The group has publicized the contents of failed negotiations with alleged SIRVA representatives and leaked archives containing 1.5TB of stolen documents.

Government’s Response and Proactive Measures

Promptly notified of the security breaches on October 19th, the government has taken swift action by reporting the incident to relevant authorities, including the Canadian Centre for Cyber Security and the Office of the Privacy Commissioner.

In a proactive and precautionary approach, the government has announced measures to support potentially affected individuals, including current and former members of the public service, RCMP, and the Canadian Armed Forces who have relocated with BGRS or SIRVA Canada in the last 24 years. Services such as credit monitoring and reissuing valid passports will be provided.

Cautionary Steps for Affected Individuals

As the analysis of the compromised data continues, specific details regarding the impacted individuals are still undetermined. However, affected individuals are urged to take precautionary measures, including updating login credentials, enabling multi-factor authentication, and monitoring online financial and personal accounts for unusual activity.

Related Articles

Daixin Ransomware Claims Omni Hotels Cyberattack

Daixin Ransomware Claims Omni Hotels Cyberattack

The Daixin Team ransomware gang has taken responsibility for a recent cyberattack on Omni Hotels & Resorts and is currently issuing threats to publish sensitive customer information unless a ransom is paid. This development comes after the hotel chain experienced...

Stay Up to Date With The Latest News & Updates

Join Our Newsletter


Subscribe To Our Newsletter

Sign up to our weekly newsletter summarizing everything thats happened in data security, storage, and backup and disaster recovery

You have Successfully Subscribed!