News

Global Affairs Canada Confronts Extensive Data Security Breach

Canadian officials have initiated a comprehensive investigation into a substantial data security breach that compromised the internal network of Global Affairs Canada. Internal department emails, which CBC News has had access to, revealed the occurrence of “malicious cyber activity,” affecting a significant portion of the department’s staff, including their emails, calendars, and contacts.

The security lapse, reportedly spanning from December 20, 2023, to January 24, 2024, has raised concerns about the safety of sensitive information handled by Global Affairs Canada. The breach specifically impacted two internal drives and the virtual private network (VPN) used by the staff to connect to the department’s Ottawa headquarters. This VPN system, managed by Shared Services Canada, a federal entity responsible for delivering key IT services across government departments, was identified as ‘compromised.’

Authorities are yet to ascertain the full extent of the breach, including whether any classified information was compromised. Forensic investigations, led by Shared Services Canada and the Canadian Centre for Cyber Security, part of the Communications Security Establishment, are actively underway to delineate the scope and timeline of the breach.

Global Affairs Canada, recognizing the gravity of the situation, has promptly informed the office of the Privacy Commissioner about the breach. Continuous collaboration is expected between the department and the office to understand the privacy risks associated with the breach and to ensure all necessary measures, including notifying affected individuals, are diligently undertaken.

Amidst this crisis, the department has advised employees on safeguarding sensitive information and vigilantly monitoring their financial accounts for any unauthorized activities. Moreover, certain Canada-based Global Affairs employees with security clearance are temporarily restricted from remote work, a measure deemed essential for mitigating further risks while the investigation progresses.

National security expert Wesley Wark, from the University of Ottawa, highlighted the critical nature of the information held by Global Affairs Canada, describing it as a “natural target” for hacking due to its repository of classified and sensitive data. The breach’s duration, extending over a month, underscores the severity of the incident and the potential risks to national security.

As the situation continues to evolve, Global Affairs Canada remains committed to transparent communication with its staff, ensuring that updates and guidance are promptly shared. The investigation into this extensive breach is ongoing, with concerted efforts to understand the impact, reinforce the network’s security, and prevent future occurrences.

Leave a Reply

Your email address will not be published. Required fields are marked *