Metro Vancouver Transit Police say the agency was targeted by hackers who accessed almost 200 of its files as part of a global wave of attacks that U.S. officials have blamed on a Russian cyber-extortion gang.
The police service said in a news release that a thorough review is underway to determine what information was contained in the 186 files that were accessed in the attack on a third-party file transfer system called MOVEit.
![Click to play video: 'Consumer Matters: Instagram hacker targets small businesses for ransom'](https://i1.wp.com/media.globalnews.ca/videostatic/news/wot17t3df9-0ta5kyt0cp/JPEG_INSTAGRAM_HACK_CM_DREWA.jpg?w=1040&quality=70&strip=all)
It says the hackers did not gain access to the Transit Police network, and the software vulnerability has been patched and repaired.
The agency says it’s not expected the incident will have any impact on investigations or prosecutions.
![Get the day's top news, political, economic, and current affairs headlines, delivered to your inbox once a day.](https://globalnews.ca/wp-content/themes/shaw-globalnews/images/skyline/national.jpg)
Get daily National news
It says an investigation is being conducted by the RCMP’s cybercrime investigative teams in Montreal and Vancouver.
MOVEit, which is widely used by businesses and government agencies to share files, was hit recently by an extortion syndicate that last week gave its victims a deadline to negotiate a ransom or risk having sensitive data dumped online.
The Cl0p gang, among the world’s most prolific cybercrime syndicates, also claimed it would delete any data stolen from governments, cities and police departments.
![Click to play video: 'Pro-Russian hackers allegedly target Canadian energy firm'](https://i1.wp.com/media.globalnews.ca/videostatic/news/svkwvqquig-ixcf5soevk/230411-ERIC.jpg?w=1040&quality=70&strip=all)
Other known victims include the Nova Scotia provincial government, Louisiana’s Office of Motor Vehicles, Oregon’s Department of Transportation, British Airways, the British Broadcasting Company and the British drugstore chain Boots.
The parent company of MOVIEit’s U.S. maker, Progress Software, alerted customers to the breach on May 31 and issued a patch. But cybersecurity researchers say scores if not hundreds of companies could by then have had sensitive data quietly taken.
Jen Easterly, director of the U.S. Cybersecurity and Infrastructure Security Agency, told reporters last week that the Cl0p campaign was short, relatively superficial and caught quickly.
A senior official in the security agency said the U.S. has “no evidence to suggest co-ordination between Cl0p and the Russian government.”
- Ball hockey referee left with fractured skull, jaw after removing player from game
- Woman in Canada less than 2 months found dead inside suitcase in Newfoundland
- Car theft finally decelerating in Canada after surge — a ‘positive sign’
- Boissonnault’s former business partner linked to woman detained in Dominican Republic cocaine bust
Comments