VANCOUVER
Vancouver

    • 'Sensitive personal information' may have been accessed during B.C. cyberattack: officials

    Share

    A recent cyberattack on the B.C. government may have compromised the personal information of 19 employees, according to officials.

    An update on the investigation was provided to employees Monday by Shannon Salter, the head of the B.C. Public Service. She said 22 email inboxes "may have been accessed" and that "a handful of these inboxes contained sensitive personal information on 19 individuals." The information, she said in the statement, was employee personnel files in all but one case.

    Salter said those who may have been impacted have been notified and that they will be provided with credit monitoring and identity protection services as a precaution.

    "We have not identified any misuse of this information or found evidence that the actor accessed specific files," the update said.

    "At this point in time, we have not identified that any sensitive information collected by government in the delivery of public services was accessed," it also said.

    Few details about the cyberattack have been released but officials did say it was not a ransomware attack and that it appeared to have been perpetrated by a state or state-sponsored actor.

    Public Safety Minister Mike Farnworth spoke to reporters about the cyberattack Monday afternoon, reiterating the few details provided by Salter.

    He declined to provide details about whose information may have been accessed or what their role is within government, but he did say no cabinet members were impacted.

    "Our top priority has to be the integrity of that investigation and the security of our networks, but as we've done today, we will continue to provide updates as we are able, without compromising that investigation," Farnworth said.

    "After the conclusion of the incident, there will be a complete review of the incident and government's response to ensure that we capture any lessons that can be learned."

    Pricey investigation ahead

    Cybersecurity expert and CEO of Beauceron Security, David Shipley, says an investigation and recovery process of this magnitude will likely cost the province tens of millions of dollars.

    "The challenge now is proving to a level of confidence sufficient for the government that they are truly out of the system,” he told CTV News. “That they expunge all possible different ways back doors other things out of systems, and that is expensive,” Shipley continued.

    Microsoft is the province’s service provider, however Farnworth did not provide any update on the company’s role in the investigation.

    Shipley says China and Russia are the only countries that have been able to infiltrate that network to such a significant extent.

    "Foreign interference using digital means is among the top priorities for hostile nations,” he said.

    “We need to invest in this, not just nationally, but provincially, even municipally,”

    Shipley says with a provincial election coming up, British Columbians should be asking candidates about cybersecurity funding, to help ensure that the public’s personal information is safe.

    Shopping Trends

    The Shopping Trends team is independent of the journalists at CTV News. We may earn a commission when you use our links to shop. Read about us.

    CTVNews.ca Top Stories

    Vancouver Island

    Kelowna

    Edmonton

    Calgary

    Lethbridge

    Winnipeg

    Regina

    Saskatoon

    Toronto

    Montreal

    Ottawa

    Atlantic

    London

    Kitchener

    Northern Ontario

    N.L.

    Stay Connected
    Follow CTV News