Hackers have exposed the personal information of an untold number of Canadian government employees, possibly dating back to 1999. It’s impossible to say how many people have been affected, but an investigation is underway.
Hackers breached Brookfield Global Relocation Services (BGRS) and SIRVA Worldwide Relocation & Moving Services. According to a Bleeping Computer report, LockBit might be responsible for the hack, if the screenshot provided by the group showing negotiations with SIRVA can be believed.
Data theft almost always accompanies successful ransomware attacks. The stolen data is used as an extra blackmail lever during negotiation. If the LockBit information is accurate, the 1.5TB of data the group boasts about likely contains information about government employees.
“On October 19th, 2023, BGRS informed the Government of Canada of a breach involving Government of Canada information held by BGRS and SIRVA Canada systems,” the press release states. “The government has contracts with BGRS and SIRVA Canada to provide relocation support to employees.”
BGRS stands for Brookfield Global Relocation Services and SIRVA is a similar organization specialized in location services. Some of the information leaked in this attack included details for people in the armed forces and the Royal Canadian Mounted Police.
“At this time, given the significant volume of data being assessed, we cannot yet identify specific individuals impacted; however, preliminary information indicates that breached information could belong to anyone who has used relocation services as early as 1999 and may include any personal and financial information that employees provided to the companies,” the authorities said.
While an official investigation is ongoing, the Government of Canada is already taking some preventive measures and has contacted personnel potentially affected by the data breach.
“Services such as credit monitoring or reissuing valid passports that may have been compromised will be provided to current and former members of the public service, RCMP, and the Canadian Armed Forces who have relocated with BGRS or SIRVA Canada during the last 24 years,” the authorities added.
In June, the Canadian Centre for Cyber Security issued a warning regarding LockBit. They estimated that 22% of all ransomware incidents in Canada can be attributed to LockBit and warned organizations and companies that they might face new threats.