Canadian government probes extensive data breach at Global Affairs, affecting internal drives and remote access, prompting urgent security measures. (Getty Images)
The Canadian government is currently investigating a potentially significant data breach within its foreign affairs department, as reported by CBC News. The investigation is focused on an extended breach of data security on the internal network of Global Affairs Canada. This breach has impacted at least two internal hard drives, along with the emails, calendars, and contacts of numerous staff members, leading to some employees being unable to work remotely due to the incident.
According to information obtained by CBC, a government email to staff revealed that data of any employee who connected remotely via a virtual private network between December 30, 2023, and January 24, 2024, is at risk. Global Affairs acknowledged the breach in a statement to IT World Canada, stating, "Early results indicate there has been a data breach and that there has been unauthorized access to personal information of users, including employees." The department is actively reaching out to those affected, implementing mitigation measures to secure sensitive and personal information. Additionally, the incident has been reported to Canada's Office of the Privacy Commissioner.
The discovery of the breach has led to restrictions on remote access to Global Affairs Canada's network, initiated as part of an unplanned IT outage on January 24, 2024. This outage was deliberately activated to address the identified malicious cyber activity. While on-site employee connectivity in government buildings remains fully operational, remote employees in Canada have been provided with workarounds to ensure continuity. Global Affairs Canada is collaborating with IT partners, including Shared Services Canada and the Canadian Centre for Cyber Security, to restore full connectivity as quickly as possible.
Global Affairs, responsible for overseeing the government's foreign policy and managing Canadian embassies worldwide, has experienced cyber threats in the past. The current incident comes precisely two years after the department revealed a previous cyber attack detected on January 19, 2022. Following that attack, a departmental investigation suggested a high likelihood of facing another online threat with significant impact.
David Shipley, head of New Brunswick's Beauceron Security and co-chair of the Canadian Chamber of Commerce's cyber council, emphasized the importance of assessing the severity of this breach by considering the duration of the Global Affairs network outage. Shipley noted that a prolonged outage would indicate a more substantial compromise, raising questions about the effectiveness of measures taken following the previous incident. He urged the government to publicly communicate details of the breach to facilitate learning for other organizations facing similar threats.
