![[Canada] 100,000 Nova Scotians affected by MOVEit hack](http://gpa.net/cdn/shop/articles/bigstock-Halifax-Nova-Scotia-Legislatur-266367454_1200x.jpg?v=1686246625)
In Canada last week, cybercriminals accessed the personal and banking information of at least 100,000 Nova Scotians before the Nova Scotia government secured a file transfer service that had been breached as part of the global attack on MOVEit, CBC Lite reports.
Colton LeBlanc - Nova Scotia's Minister of Cyber Security and Digital Service - disclosed the number on June 6 as part of an update on the investigation into the cyberattack.
"100,000 people, 100,000 Nova Scotians being employees, current or past employees of Nova Scotia Health, the IWK, as well as the provincial civil service, have been impacted," Mr LeBlanc told reporters during a virtual briefing. "We still have more work to do and as that work unfolds, that number could go up or it could go down."
The minister reportedly stated that the information taken by the "cybercriminals" was payroll data that was transferred between departments, including banking details, home addresses and social insurance numbers.
British Airways, Boots and the BBC have also been hacked by criminals exploiting a weakness in the same MOVEit software used in Nova Scotia, according to reporting from Reuters. Tens of thousands of employees are said to be affected.
The province acted as soon as it was notified of a possible vulnerability in the MOVEit service on June 1 and the department's deputy minister Natasha Clarke confirmed that the software patch to plug the digital hole was applied after the data was taken.
"Our investigation showed that the stolen data that took place the two days prior to us being notified that there was a vulnerability." Ms Clarke said. "So once we put the patching in place, there was no more nefarious activity that we were able to see as a part of our investigation."
Ongoing investigation
Ms Clarke said there was currently no evidence that any information provided by the public to any government department had been taken by those responsible for the hack on government computers.
"That investigation is ongoing," Ms Clarke said. "I think the approach we're taking here is not letting perfect be the enemy of good."
"What's important is we want to be confident, come out with good information and be as transparent to Nova Scotians knowing that we don't have all of the answers.”
Despite it being the source of the breach, the deputy minister reportedly defended MOVEit as "world-class or in the top of the software solutions" to provide this kind of file transfer service. She acknowledged that under these circumstances her statement might seem ironic.
The provincial government has promised to contact those affected "as soon as possible" and offer them access to a credit monitoring service.
Union concerns
Sandra Mullen - president of the Nova Scotia Government and General Workers Union - said the province's largest public-sector union only learned of the magnitude of the breach moments before the minister spoke to reporters.
"We were pretty concerned when we heard rumblings of a privacy breach," Ms Mullen told CBC News. "The numbers are huge, from what they're saying and it impacts many of our members, potentially myself included."
Ms Mullen stated that her union had not yet heard from any member who has lost money or otherwise suffered as a consequence of their personal information being in the hands of someone else.
She pledged to make sure the provincial government moved quickly to notify individuals whose "critical" information had been taken.
"We will do our best to make sure that they are responding as fast as they can, in a safe manner and working hard to ensure that information is protected in the future," Ms Mullen said.
Microsoft security experts believed the hackers were affiliated with the notorious Clop ransomware group, as news of the attack broke and an ultimatum issued on the dark web this week by the group would seem to bear their predictions out.
Rob McLeod - vice-president of cybersecurity company eSentire's Threat Response Unit - said that the group has form for this manner of global attack.
"This group has done this in the past. It's taken several months for them to actually go through this data, look for any sort of high-value victims or customers in that, and then directly contact them," Mr McLeod told CBC Radio's Information Morning Nova Scotia on June 7.
He warned that victims could be at risk of identity theft and tax-based scams and urged them to take advantage of the credit monitoring service offered by the province.
"I would say this is an early warning indicator for the 100,000 affected victims. They're still going to need to keep a very close eye on all of their banking information, all of their credit information, also their [Canada Revenue Account]," he said.
Source: CBC Lite
(Quotes via original reporting)
In Canada last week, cybercriminals accessed the personal and banking information of at least 100,000 Nova Scotians before the Nova Scotia government secured a file transfer service that had been breached as part of the global attack on MOVEit, CBC Lite reports.
Colton LeBlanc - Nova Scotia's Minister of Cyber Security and Digital Service - disclosed the number on June 6 as part of an update on the investigation into the cyberattack.
"100,000 people, 100,000 Nova Scotians being employees, current or past employees of Nova Scotia Health, the IWK, as well as the provincial civil service, have been impacted," Mr LeBlanc told reporters during a virtual briefing. "We still have more work to do and as that work unfolds, that number could go up or it could go down."
The minister reportedly stated that the information taken by the "cybercriminals" was payroll data that was transferred between departments, including banking details, home addresses and social insurance numbers.
British Airways, Boots and the BBC have also been hacked by criminals exploiting a weakness in the same MOVEit software used in Nova Scotia, according to reporting from Reuters. Tens of thousands of employees are said to be affected.
The province acted as soon as it was notified of a possible vulnerability in the MOVEit service on June 1 and the department's deputy minister Natasha Clarke confirmed that the software patch to plug the digital hole was applied after the data was taken.
"Our investigation showed that the stolen data that took place the two days prior to us being notified that there was a vulnerability." Ms Clarke said. "So once we put the patching in place, there was no more nefarious activity that we were able to see as a part of our investigation."
Ongoing investigation
Ms Clarke said there was currently no evidence that any information provided by the public to any government department had been taken by those responsible for the hack on government computers.
"That investigation is ongoing," Ms Clarke said. "I think the approach we're taking here is not letting perfect be the enemy of good."
"What's important is we want to be confident, come out with good information and be as transparent to Nova Scotians knowing that we don't have all of the answers.”
Despite it being the source of the breach, the deputy minister reportedly defended MOVEit as "world-class or in the top of the software solutions" to provide this kind of file transfer service. She acknowledged that under these circumstances her statement might seem ironic.
The provincial government has promised to contact those affected "as soon as possible" and offer them access to a credit monitoring service.
Union concerns
Sandra Mullen - president of the Nova Scotia Government and General Workers Union - said the province's largest public-sector union only learned of the magnitude of the breach moments before the minister spoke to reporters.
"We were pretty concerned when we heard rumblings of a privacy breach," Ms Mullen told CBC News. "The numbers are huge, from what they're saying and it impacts many of our members, potentially myself included."
Ms Mullen stated that her union had not yet heard from any member who has lost money or otherwise suffered as a consequence of their personal information being in the hands of someone else.
She pledged to make sure the provincial government moved quickly to notify individuals whose "critical" information had been taken.
"We will do our best to make sure that they are responding as fast as they can, in a safe manner and working hard to ensure that information is protected in the future," Ms Mullen said.
Microsoft security experts believed the hackers were affiliated with the notorious Clop ransomware group, as news of the attack broke and an ultimatum issued on the dark web this week by the group would seem to bear their predictions out.
Rob McLeod - vice-president of cybersecurity company eSentire's Threat Response Unit - said that the group has form for this manner of global attack.
"This group has done this in the past. It's taken several months for them to actually go through this data, look for any sort of high-value victims or customers in that, and then directly contact them," Mr McLeod told CBC Radio's Information Morning Nova Scotia on June 7.
He warned that victims could be at risk of identity theft and tax-based scams and urged them to take advantage of the credit monitoring service offered by the province.
"I would say this is an early warning indicator for the 100,000 affected victims. They're still going to need to keep a very close eye on all of their banking information, all of their credit information, also their [Canada Revenue Account]," he said.
Source: CBC Lite
(Quotes via original reporting)