Global Affairs Canada (GAC), the Canadian government’s foreign affairs department, is investigating a data breach that resulted from a compromised Virtual Private Network (VPN). The breach, affecting the internal network, led to unauthorized access to personal information, including that of employees. The compromised VPN, managed by Shared Services Canada, was used by remote workers to access GAC’s headquarters. The breach impacted remote network access, internal drives, emails, calendars, and contacts of staff members, prompting the department to contact affected individuals with mitigation measures to secure sensitive information.
According to CBC News, emails sent to employees revealed that the data breach affected GAC’s internal systems between December 20, 2023, and January 24, 2024. Information of anyone using a Secure Integrated Global Network (SIGNET) laptop, the secure network used by GAC, is potentially exposed. The scope of the breach remains unclear, and the GAC has not disclosed details about the threat actors responsible. GAC is working with IT partners, including Shared Services Canada and the Canadian Centre for Cyber Security, to restore full connectivity and address the compromised VPN’s impact on the security of the network.
This incident marks the second cyberattack on GAC, with the previous one occurring in January 2022, where the network was shut down for several days. While not confirmed, it was believed that Russia-backed malicious elements might have carried out the attack due to Canada’s support for Ukraine in the ongoing conflict with Russia. The rise in cyberattacks on government organizations has been a growing concern globally, given the vast amount of citizen data held by such bodies. The breach emphasizes the need for robust cybersecurity measures to safeguard sensitive information and prevent unauthorized access to government networks.
Reference:
