Warning: Undefined variable $comments_html in /home/u319666691/domains/cybersecurityboard.com/public_html/_template.php on line 527

Authorities investigating massive security breach at Global Affairs Canada

The breach affects at least two internal drives, as well as emails, calendars and contacts of many staff members.
CBC News spoke to multiple sources with knowledge of the situation, including employees who have received instructions on how the breach affects their ability to work.
Some were told to stop working remotely as of last Wednesday.
CBC News has also seen three internal emails sent to Global Affairs staff.
Another email said the internal systems were vulnerable between December 20, 2023 and January 24, 2024.
It informed anyone who connected remotely using a SIGNET laptop that their information may be vulnerable.
The VPN system was managed by Shared Services Canada, the GAC notice said.
Shared Services Canada is a federal department created in 2011 to take over the delivery of email, data centres and network services for many government departments and agencies.
The statement also said connectivity in GAC buildings is fully functioning and that employees working remotely in Canada have been provided with workarounds.
No word yet on scope of data breach According to Global Affairs, SIGNET is the department's secure computer network.
One part of the network holds personal information on shared drives, including employees' personal information.
It's not clear whether secret information was lost in the breach, which lasted longer than a month.
Shared Services Canada and the Canadian Centre for Cyber Security - which is part of the Communications Security Establishment, Canada's cyber-security organization - are investigating the breach, GAC's email to staff said.
Although sensitive diplomatic cables are sent using an encrypted system, a source told CBC News that some drafts of sensitive correspondence and some intelligence may have been stored in the affected drives.
In the interim, some Canada-based Global Affairs employees with security clearance are not able to work from home.
A senior diplomatic source told CBC News that on several occasions in the past year, staff were told to immediately change passwords or reboot software but were not given any further details.

This Cyber News was published on www.cbc.ca. Publication date: Wed, 31 Jan 2024 01:14:04 +0000

Cyber News related to Authorities investigating massive security breach at Global Affairs Canada

Authorities investigating massive security breach at Global Affairs Canada - The breach affects at least two internal drives, as well as emails, calendars and contacts of many staff members. CBC News spoke to multiple sources with knowledge of the situation, including employees who have received instructions on how the breach ...
1 year ago Cbc.ca

25 Best Managed Security Service Providers (MSSP) - 2025 - Pros & Cons: ProsConsStrong threat intelligence & expert SOCs.High pricing for SMBs.24/7 monitoring & rapid incident response.Complex UI and steep learning curve.Flexible, scalable, hybrid deployments.Limited visibility into endpoint ...
2 months ago Cybersecuritynews.com

Tech Security Year in Review - In this Tech Security Year in Review for 2023, let's look into the top data breaches of the past year. Each factor contributes to the growing threatscape, demanding a proactive and adaptable cybersecurity approach to safeguard your organization ...
1 year ago Securityboulevard.com

Hikvision Canada ordered to cease operations over security risks - Launched in 2014, Hikvision Canada has maintained a strong market presence in the country, supplying cost-effective end-to-end security and Artificial Intelligence with the Internet of Things (AIoT) solutions that cover IP cameras, facial ...
2 months ago Bleepingcomputer.com

Data Breach Response: A Step-by-Step Guide - In today's interconnected world, organizations must be prepared to respond swiftly and effectively in the face of a data breach. To navigate these challenges, a well-defined and comprehensive data breach response plan is essential. Let's explore the ...
1 year ago Securityzap.com

9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com

Advantis Global Confirms Recent Data Breach in Filing with the Office of the California Attorney General - In this notice, Advantis explains that the incident resulted in an unauthorized party being able to access consumers' sensitive information. Upon completing its investigation, Advantis began sending out data breach notification letters to all ...
1 year ago Jdsupra.com

Canadian government discloses data breach after contractor hacks - The Canadian government says two of its contractors have been hacked, exposing sensitive information belonging to an undisclosed number of government employees. These breaches occurred last month and impacted Brookfield Global Relocation Services and ...
1 year ago Bleepingcomputer.com LockBit

FTC orders Blackbaud to boost security after massive data breach - Blackbaud has settled with the Federal Trade Commission after being charged with poor security and reckless data retention practices, leading to a May 2020 ransomware attack and a data breach affecting millions of people. Blackbaud is a U.S.-based ...
1 year ago Bleepingcomputer.com

eIDAS: EU's internet reforms will undermine a decade of advances in online security - The European Union's attempt to reform its electronic identification and trust services - a package of laws better known as eIDAS 2.0 - contains legislation that poses a grave threat to online privacy and security. An article buried deep in the draft ...
1 year ago Helpnetsecurity.com

HPE investigates new breach after data for sale on hacking forum - Hewlett Packard Enterprise is investigating a potential new breach after a threat actor put allegedly stolen data up for sale on a hacking forum, claiming it contains HPE credentials and other sensitive information. The company has told ...
1 year ago Bleepingcomputer.com APT1 APT29

Logicalis enhances global security services with the launch of Intelligent Security - Logicalis, the global technology service provider delivering next-generation digital managed services, has today announced the launch of Intelligent Security, a blueprint approach to its global security portfolio designed to deliver proactive ...
1 year ago Hackread.com

Top 30 Best Penetration Testing Tools - 2025 - The tool supports various protocols and offers advanced filtering and analysis capabilities, making it ideal for diagnosing network issues, investigating security incidents, and understanding complex network interactions during penetration testing. ...
5 months ago Cybersecuritynews.com

New alert: Logicalis enhances global security services with the launch of Intelligent Security - London, United Kingdom, May 13, 2024, CyberNewsWire - Logicalis, the global technology service provider delivering next-generation digital managed services, has today announced the launch of Intelligent Security, a blueprint approach to its global ...
1 year ago Securityboulevard.com

Microsoft Security Copilot improves speed and efficiency for security and IT teams - First announced in March 2023, Microsoft Security Copilot-Microsoft's first generative AI security product-has sparked major interest. With the rapid innovations of Security Copilot, we have taken this solution beyond security operations use cases ...
1 year ago Microsoft.com

Ex-Uber CSO: Lessons Learned from the Breach and Legal Case - BLACK HAT EUROPE 2023 - London - Former Uber CISO Joe Sullivan last week shared new details about the 2016 data breach at the company that led to his firing from Uber and, later, felony charges. The Uber Breach Sullivan was in his second year as CISO ...
1 year ago Darkreading.com

Welltok Data Breach: 8.5M US Patients' Information Exposed - In a recent cybersecurity incident, Welltok, a leading healthcare Software as a Service provider, reported unauthorized access to its MOVEit Transfer server, affecting the personal information of approximately 8.5 million patients in the United ...
1 year ago Securityboulevard.com

Welltok data breach exposes data of 8.5 million US patients - Healthcare SaaS provider Welltok is warning that a data breach exposed the personal data of nearly 8.5 million patients in the U.S. after a file transfer program used by the company was hacked in a data theft attack. Welltok works with health service ...
1 year ago Bleepingcomputer.com

Cybersecurity jobs available right now: October 2, 2024 - Help Net Security - As an Applied Cybersecurity Engineer (Center for Securing the Homeland), you will apply interdisciplinary competencies in secure systems architecture and design, security operations, threat actor behavior, risk assessment, and network security to ...
11 months ago Helpnetsecurity.com

Ticketmaster sends notifications about recent massive data breach - Ticketmaster has started to notify customers who were impacted by a data breach after hackers stole the company's Snowflake database, containing the data of millions of people. Last month, a threat actor known as ShinyHunters began selling stolen ...
1 year ago Bleepingcomputer.com Hunters

Ragnar Locker ransomware developer arrested in France - Law enforcement agencies arrested a malware developer linked with the Ragnar Locker ransomware gang and seized the group's dark web sites in a joint international operation. Authorities from France, the Czech Republic, Germany, Italy, Latvia, the ...
1 year ago Bleepingcomputer.com Trigona Ragnar Locker

Blackbaud Enhances Security Measures Following FTC Settlement - Blackbaud, a major player in U.S. donor data management, recently settled with the Federal Trade Commission after facing scrutiny for a ransomware attack in May 2020. This attack led to a substantial data breach affecting millions of individuals. The ...
1 year ago Cysecurity.news

Law enforcement agencies arrest 4 alleged LockBit members | TechTarget - Authorities arrested four suspected members of the LockBit ransomware gang during the third phase of the international law enforcement effort dubbed Operation Cronos. Operation Cronos' efforts to disrupt the LockBit ransomware gang continue as ...
11 months ago Techtarget.com LockBit

How Can Data Breach Be A Trouble For Your Industry? - To navigate an era of cyber risks, this unsettling reality necessitates a renewed focus on data integrity protection and digital asset protection. In this blog, we will discuss a data breach in the Hospitality industry. Some of the companies like MGM ...
1 year ago Securityboulevard.com

Strengthening Security Posture Through People-First Engagement - Regular, small doses of security education help combat the “forgetting curve,” a theory developed by Hermann Ebbinghaus that suggests people forget 75% of newly learned information within a couple of days. These statistics underscore a critical ...
11 months ago Informationsecuritybuzz.com