The Saskatchewan government says there is a risk that personal employee information may have been obtained during a cybersecurity attack on Saskatchewan Liquor and Gaming Authority (SLGA) on Christmas Day.
A note from the government on Monday afternoon stated that an investigation into the matter determined the records were accessed by an unauthorized third party.
“As a result of this finding, SLGA is issuing a notification to current and former SLGA employees to provide credit monitoring to these individuals,” said the government in its statement.
“Although there are currently no findings within the ongoing investigation to indicate this personal information has been used in any way, this action is being taken out of an abundance of caution. Information about credit monitoring is being sent directly to employees by mail.”
The government said SLGA is not aware of any impact to client information and will continue to provide updates as appropriate.
An investigation was launched after SLGA learned of the cybersecurity incident. The liquor and gaming authority took steps to secure its systems and mitigate impact to data, according to the government note.
Independent cybersecurity experts were called in to assist SLGA with recovery from this incident. SLGA’s distribution centre has since resumed full operations.
“SLGA continues to work closely with retailers and liquor suppliers to ensure regular operations related to the inbound and outbound flow of products,” said the government. “Work continues on bringing other systems online, including SLGA’s website.”
SLGA officials have been in regular contact with the Office of the Information and Privacy Commissioner and are continuing to work to resolve the issue.