Canada has documented a cyberattack on its armed forces, mounted police members, and public servants who are engaged with relocation support services.
The Treasury Board of Canada Secretariat reported that the incident exposed the personal and financial information of the employees affected.
The malicious activity leaked data stored under mobility solutions provider Brookfield Global Relocation Services (BGRS) and SIRVA, both of which are government-contracted moving and relocation partners.
The attack may have also stolen information of former personnel who rendered service under the military and police force, the agency wrote.
“At this time, given the significant volume of data being assessed, we cannot yet identify specific individuals impacted,” the treasury board stated.
“However, preliminary information indicates that breached information could belong to anyone who has used relocation services as early as 1999 and may include any personal and financial information that employees provided to the companies.”
Under Investigation
Ottawa said it has been facilitating “proactive, precautionary” actions since the anomaly’s discovery.
“Services such as credit monitoring or reissuing valid passports that may have been compromised will be provided to current and former members… who have relocated with BGRS or SIRVA Canada during the last 24 years,” the treasury board said.
“Additional details about the services that will be offered, and how to access them will be provided as soon as possible.”
Throughout the corresponding investigations, the Canadian government will meet with BGRS and SIRVA representatives regularly to conduct associated monitoring operations.
The breach was first reported last month, when an internal message obtained by CBC News showed the cyberattack caused the website of BGRS to be offline for several weeks.