Advertisement

Global Affairs Canada systems compromised in data breach

Click to play video: 'Global Affairs Canada systems compromised in data breach'
Global Affairs Canada systems compromised in data breach
WATCH ABOVE: Global Affairs Canada announced Tuesday it is investigating a cyberattack and data breach that has forced it to limit remote access to its networks – Jan 31, 2024

Global Affairs Canada’s systems have been compromised in a data breach with early indications  of  “unauthorized access to personal information of users including employees.”

An internal message sent to GAC staff, seen by Global News, said steps are currently being taken to protect sensitive employee information and network security.

“We continue to take several steps to protect employee’s personal information and safeguard our corporate networks following the discovery that Virtual Private Network (VPN) managed by Shared Services Canada (SSC) was compromised and used to access Global Affairs Canada (GAC) HQ VPN-related network traffic,” the internal message read.

GAC has asked staff to “pay close attention to all broadcast messages on this topic, ensure that all steps are followed.”

Click to play video: 'Staying protected online in wake of ‘supermassive’ data breach'
Staying protected online in wake of ‘supermassive’ data breach

In a statement Tuesday afternoon, the department said that “an unplanned IT outage is currently affecting remote access to Global Affairs Canada (GAC)’s network in the country.”

Story continues below advertisement

“This partial outage was intentionally activated on January 24, 2024 to address the discovery of malicious cyber activity,” the statement said.

Get the day's top news, political, economic, and current affairs headlines, delivered to your inbox once a day.

Get daily National news

Get the day's top news, political, economic, and current affairs headlines, delivered to your inbox once a day.
By providing your email address, you have read and agree to Global News' Terms and Conditions and Privacy Policy.

“Global Affairs Canada is working with IT partners, including Shared Services Canada and the Canadian Centre for Cyber Security (part of Communications Security Establishment) to restore full connectivity as soon as possible.”

It went on to note that an investigation is underway.

“Early results indicate there has been a data breach and that there has been unauthorized access to personal information of users including employees. The Department is contacting those affected with mitigation measures to ensure that sensitive and personal information is secure. The incident has also been reported to Canada’s Office of the Privacy Commissioner,” the statement said.

“We cannot comment further at the moment on any specific details for operational and security reasons.”

This is not the first time Global Affairs’ network has been compromised.

Click to play video: 'Global Affairs Canada targeted by ‘cyber attack’ amid Russia-Ukraine tensions'
Global Affairs Canada targeted by ‘cyber attack’ amid Russia-Ukraine tensions

Global News reported in January 2022 that some parts of Global Affairs’ networks had to be shut down for days after what security and government sources described as a “cyber attack.”

Story continues below advertisement

At the time, the Canadian government was vocally supporting Ukraine’s administration as Russia massed troops on that country’s border for its eventual invasion. A national security source, speaking on the condition they not be named, said at the time it was believed Moscow-backed hackers were involved in the attack.

“GAC has been the target of a cyber attack but it is not clear if the Russians, the alleged perpetrators, hacked into the system or were able to merely disrupt its service,” the source said at the time.

The department would certainly be a high-value target for hostile states and the hacking groups backed by them. In addition to diplomacy, Global Affairs also has an intelligence gathering and analysis function, and works closely with national security agencies like the Communications Security Establishment (CSE).

With a file from Global’s Mercedes Stephenson and Alex Boutilier.

Sponsored content

AdChoices