Authorities investigating massive security breach at Global Affairs Canada

The breach affects at least two internal drives, as well as emails, calendars and contacts of many staff members.
CBC News spoke to multiple sources with knowledge of the situation, including employees who have received instructions on how the breach affects their ability to work.
Some were told to stop working remotely as of last Wednesday.
CBC News has also seen three internal emails sent to Global Affairs staff.
Another email said the internal systems were vulnerable between December 20, 2023 and January 24, 2024.
It informed anyone who connected remotely using a SIGNET laptop that their information may be vulnerable.
The VPN system was managed by Shared Services Canada, the GAC notice said.
Shared Services Canada is a federal department created in 2011 to take over the delivery of email, data centres and network services for many government departments and agencies.
The statement also said connectivity in GAC buildings is fully functioning and that employees working remotely in Canada have been provided with workarounds.
No word yet on scope of data breach According to Global Affairs, SIGNET is the department's secure computer network.
One part of the network holds personal information on shared drives, including employees' personal information.
It's not clear whether secret information was lost in the breach, which lasted longer than a month.
Shared Services Canada and the Canadian Centre for Cyber Security - which is part of the Communications Security Establishment, Canada's cyber-security organization - are investigating the breach, GAC's email to staff said.
Although sensitive diplomatic cables are sent using an encrypted system, a source told CBC News that some drafts of sensitive correspondence and some intelligence may have been stored in the affected drives.
In the interim, some Canada-based Global Affairs employees with security clearance are not able to work from home.
A senior diplomatic source told CBC News that on several occasions in the past year, staff were told to immediately change passwords or reboot software but were not given any further details.


This Cyber News was published on www.cbc.ca. Publication date: Wed, 31 Jan 2024 01:14:04 +0000


Cyber News related to Authorities investigating massive security breach at Global Affairs Canada

Authorities investigating massive security breach at Global Affairs Canada - The breach affects at least two internal drives, as well as emails, calendars and contacts of many staff members. CBC News spoke to multiple sources with knowledge of the situation, including employees who have received instructions on how the breach ...
10 months ago Cbc.ca
Tech Security Year in Review - In this Tech Security Year in Review for 2023, let's look into the top data breaches of the past year. Each factor contributes to the growing threatscape, demanding a proactive and adaptable cybersecurity approach to safeguard your organization ...
11 months ago Securityboulevard.com
Data Breach Response: A Step-by-Step Guide - In today's interconnected world, organizations must be prepared to respond swiftly and effectively in the face of a data breach. To navigate these challenges, a well-defined and comprehensive data breach response plan is essential. Let's explore the ...
10 months ago Securityzap.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com
Canadian government discloses data breach after contractor hacks - The Canadian government says two of its contractors have been hacked, exposing sensitive information belonging to an undisclosed number of government employees. These breaches occurred last month and impacted Brookfield Global Relocation Services and ...
1 year ago Bleepingcomputer.com
FTC orders Blackbaud to boost security after massive data breach - Blackbaud has settled with the Federal Trade Commission after being charged with poor security and reckless data retention practices, leading to a May 2020 ransomware attack and a data breach affecting millions of people. Blackbaud is a U.S.-based ...
10 months ago Bleepingcomputer.com
Advantis Global Confirms Recent Data Breach in Filing with the Office of the California Attorney General - In this notice, Advantis explains that the incident resulted in an unauthorized party being able to access consumers' sensitive information. Upon completing its investigation, Advantis began sending out data breach notification letters to all ...
1 year ago Jdsupra.com
eIDAS: EU's internet reforms will undermine a decade of advances in online security - The European Union's attempt to reform its electronic identification and trust services - a package of laws better known as eIDAS 2.0 - contains legislation that poses a grave threat to online privacy and security. An article buried deep in the draft ...
1 year ago Helpnetsecurity.com
HPE investigates new breach after data for sale on hacking forum - Hewlett Packard Enterprise is investigating a potential new breach after a threat actor put allegedly stolen data up for sale on a hacking forum, claiming it contains HPE credentials and other sensitive information. The company has told ...
10 months ago Bleepingcomputer.com
Ex-Uber CSO: Lessons Learned from the Breach and Legal Case - BLACK HAT EUROPE 2023 - London - Former Uber CISO Joe Sullivan last week shared new details about the 2016 data breach at the company that led to his firing from Uber and, later, felony charges. The Uber Breach Sullivan was in his second year as CISO ...
1 year ago Darkreading.com
Welltok data breach exposes data of 8.5 million US patients - Healthcare SaaS provider Welltok is warning that a data breach exposed the personal data of nearly 8.5 million patients in the U.S. after a file transfer program used by the company was hacked in a data theft attack. Welltok works with health service ...
1 year ago Bleepingcomputer.com
Welltok Data Breach: 8.5M US Patients' Information Exposed - In a recent cybersecurity incident, Welltok, a leading healthcare Software as a Service provider, reported unauthorized access to its MOVEit Transfer server, affecting the personal information of approximately 8.5 million patients in the United ...
1 year ago Securityboulevard.com
Ticketmaster sends notifications about recent massive data breach - Ticketmaster has started to notify customers who were impacted by a data breach after hackers stole the company's Snowflake database, containing the data of millions of people. Last month, a threat actor known as ShinyHunters began selling stolen ...
5 months ago Bleepingcomputer.com
Ragnar Locker ransomware developer arrested in France - Law enforcement agencies arrested a malware developer linked with the Ragnar Locker ransomware gang and seized the group's dark web sites in a joint international operation. Authorities from France, the Czech Republic, Germany, Italy, Latvia, the ...
1 year ago Bleepingcomputer.com
Law enforcement agencies arrest 4 alleged LockBit members | TechTarget - Authorities arrested four suspected members of the LockBit ransomware gang during the third phase of the international law enforcement effort dubbed Operation Cronos. Operation Cronos' efforts to disrupt the LockBit ransomware gang continue as ...
2 months ago Techtarget.com
Logicalis enhances global security services with the launch of Intelligent Security - Logicalis, the global technology service provider delivering next-generation digital managed services, has today announced the launch of Intelligent Security, a blueprint approach to its global security portfolio designed to deliver proactive ...
7 months ago Hackread.com
Blackbaud Enhances Security Measures Following FTC Settlement - Blackbaud, a major player in U.S. donor data management, recently settled with the Federal Trade Commission after facing scrutiny for a ransomware attack in May 2020. This attack led to a substantial data breach affecting millions of individuals. The ...
10 months ago Cysecurity.news
How Can Data Breach Be A Trouble For Your Industry? - To navigate an era of cyber risks, this unsettling reality necessitates a renewed focus on data integrity protection and digital asset protection. In this blog, we will discuss a data breach in the Hospitality industry. Some of the companies like MGM ...
11 months ago Securityboulevard.com
New alert: Logicalis enhances global security services with the launch of Intelligent Security - London, United Kingdom, May 13, 2024, CyberNewsWire - Logicalis, the global technology service provider delivering next-generation digital managed services, has today announced the launch of Intelligent Security, a blueprint approach to its global ...
7 months ago Securityboulevard.com
Keenan & Associates Reports Data Breach Exposing Social Security Numbers of More Than 1.5M - PRESS RELEASE. MARLTON, N.J., Jan. 29, 2024 /PRNewswire/ - Approximately 1.5 million consumers are being notified that their Social Security numbers and other confidential information were compromised when an unauthorized party was able to access the ...
10 months ago Darkreading.com
Live Nation finally confirms massive Ticketmaster data breach - Live Nation has confirmed that Ticketmaster suffered a data breach after its data was stolen from a third-party cloud database provider, which is believed to be Snowflake. While the breach has allegedly exposed the data of over 560 million ...
6 months ago Bleepingcomputer.com
Ticketmaster confirms massive breach after stolen data for sale online - Live Nation has confirmed that Ticketmaster suffered a data breach after its data was stolen from a third-party cloud database provider, which is believed to be Snowflake. While the breach has allegedly exposed the data of over 560 million ...
6 months ago Bleepingcomputer.com
Microsoft Security Copilot improves speed and efficiency for security and IT teams - First announced in March 2023, Microsoft Security Copilot-Microsoft's first generative AI security product-has sparked major interest. With the rapid innovations of Security Copilot, we have taken this solution beyond security operations use cases ...
1 year ago Microsoft.com
Comcast Xfinity Reports Data Breach Exposing Info About 35M Customers - PRESS RELEASE. MARLTON, N.J., Dec. 19, 2023 /PRNewswire/ - Approximately 35 million consumers are being notified that their confidential information was compromised due to a vulnerability in software created by Citrix and used by Xfinity. The data ...
1 year ago Darkreading.com
AvidXchange Notifies Consumers of Data Breach Following Period of Unauthorized Access - On October 13, 2023, AvidXchange, Inc. filed a notice of data breach with the Attorney General of Massachusetts after discovering that a recent cybersecurity event resulted in an unauthorized party being able to access the company's IT network. In ...
1 year ago Jdsupra.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)