Public servants, RCMP and military members exposed in data breach

Get the latest from Catherine Morrison straight to your inbox

Article content

Former and current public servants, as well as members of the Canadian Armed Forces and Royal Canadian Mounted Police (RCMP) who have accessed relocation services, may have had their personal and financial information exposed in a recent data breach.

A news release shared by the Treasury Board of Canada Secretariat on Friday indicated that the federal government was made aware of the breach on Oct. 19 by Brookfield Global Relocation Services (BGRS). The breach, TBS said, involves federal data held by BGRS and SIRVA Canada, two government-contracted companies that provide employees with moving and relocation services.

Advertisement 2

Article content

Article content

“At this time, given the significant volume of data being assessed, we cannot yet identify specific individuals impacted; however, preliminary information indicates that breached information could belong to anyone who has used relocation services as early as 1999 and may include any personal and financial information that employees provided to the companies,” the TBS release stated.

In late October, the Department of National Defence shared that the Government of Canada became aware on Sept. 29 of “an incident” affecting BGRS systems. It said the government had been in contact with the company, which confirmed that unauthorized access was obtained to Government of Canada personnel information held by BGRS.

According to the Government of Canada website, BGRS has been administering the Canadian Armed Forces Integrated Relocation Program for the federal government since 1994, and the CAF since 1999. The company administers more than 14,000 relocations per year, maintaining over 8,000 third-party suppliers for activities related to member relocations.

Advertisement 3

Article content

The government said it is taking a “proactive, precautionary approach” to support those potentially affected by the breach, having already taken action to investigate the incident. TBS said the breach has been reported to the Canadian Centre for Cyber Security, the Office of the Privacy Commissioner and the RCMP, adding that it is meeting with BGRS and SIRVA Canada “on a regular basis” to monitor progress on the issue.

“This will continue until we have a full assessment of the breach and its impacts,” the release stated.

TBS said services including credit monitoring and reissuing valid passports that may have been compromised will be provided to affected employees who have relocated with BGRS or SIRVA Canada over the last 24 years.

“Additional details about the services that will be offered, and how to access them will be provided as soon as possible,” TBS stated.

In the meantime, the federal government encouraged anyone who may be affected to update any login credentials that may be similar to those used with BGRS or SIRVA Canada, enable multi-factor authentication on accounts that are used for online transactions and monitor their financial and personal online accounts for any unusual activity.

Advertisement 4

Article content

Anyone who sees unauthorized access to personal or financial accounts, TBS said, should notify their financial institution immediately, contact local police and contact the Canadian Anti-Fraud Centre.

“Work is underway to verify that any vulnerabilities that contributed to this situation have been addressed by BGRS and SIRVA Canada,” the release stated. “This is an evolving situation and further information will be shared as it becomes available. Current and former employees who have questions should contact their departmental privacy teams.”

Related Stories

Our website is your destination for up-to-the-minute news, so make sure to bookmark our homepage and sign up for our newsletters so we can keep you informed.

Article content


Postmedia is committed to maintaining a lively but civil forum for discussion and encourage all readers to share their views on our articles. Comments may take up to an hour for moderation before appearing on the site. We ask you to keep your comments relevant and respectful. We have enabled email notifications—you will now receive an email if you receive a reply to your comment, there is an update to a comment thread you follow or if a user you follow comments. Visit our Community Guidelines for more information and details on how to adjust your email settings.

Leave a Comment