Canadian government probes cyberattack and data breach at Global Affairs Department

Global Affairs Canada is investigating a cyberattack and data breach that has prompted the department to restrict remote network access. The breach, described as "malicious cyber activity," was discovered nearly a week ago, leading to remote access to national networks shutdown. While employees within Global Affairs buildings have full network access, those working remotely have been provided with "workarounds" to continue operations.

According to early findings, users’ personal information, including employees, was accessed during the breach. The incident has prompted the involvement of Shared Services Canada and the Canadian Centre for Cyber Security in the investigation. The department actively contacts affected individuals and implements mitigation measures to safeguard sensitive information. Additionally, the breach has been reported to Canada’s Office of the Privacy Commissioner.

CBC News reports that the breach affected at least two internal hard drives and compromised emails, calendars, and contacts of numerous staff members. Some employees have been advised against remote work due to the incident, with data of those who connected remotely via virtual private network between December 30, 2023, and January 24, 2024, deemed at risk.

Global Affairs Canada has assured that critical services and external communication channels remain operational despite the partial network outage initiated on January 24, 2024, to address the cyber activity. On-site connectivity in government buildings remains unaffected while measures are being taken to restore full connectivity.