Peel Health Program hit with data breach

Share this article:

Ontarian regional municipality Peel admitted this week to losing the personal information of more than 18,000 people in a security breach.

The names, addresses, ages, marital statements and assessment information of the region's Healthy Babies Healthy Children program were lost on an unencrypted SD card, said the region's health officer Eileen de Villa. The card was on a bag that was stolen from an employee's car on Sept. 24.

Health staff had used records to determine how to treat clients as part of the program, which was a voluntary initiative designed to help and educate families on childcare during and after pregnancy. The families were based in the Peel region, which encompasses the municipalities of Brampton, Caledon and Mississauga, near Toronto.

The majority of records stolen related to people who were in the program from March 2010 to August 2011, although there were several records from outside that time window.

“It is not standard or acceptable practice for any staff to put client information on unencrypted devices,” said de Villa, apologizing for the incident.

Security experts criticized the municipality. “Behaviors aren't changing. We rely on these silly policies that allow human beings to be perfect,” said Tony Busseri, CEO of Toronto-based Route1, which sells identity management and service delivery software. "Why we would ever allow portable devices to extract information? It's silliness. Whether it's 18,000 or 800,000, there's a behavior that's going on in Canada that's quite troubling. Not enough attention has been given to this subject,” he said.

The municipality is notifying affected individuals by letter and phone.

Share this article:

THE LATEST ISSUE

Features

Archive of SC Magazine Canada

SC Magazine Canada

THE LATEST ISSUE

Features

Archive of SC Magazine Canada

SC Magazine Canada

More in SC Canada

Almost 40 percent of Canada's Justice Department duped by phishing

Almost one in four employees at Canada's Justice Department fell prey to internet phishing in an exercise last December.

Microsoft wavers on Canadian spam fears

Microsoft has reconsidered a move to cease security emails in Canada, following the introduction of an anti-spam law north of the border.

Underinvestment, poor communication plague Canadian cybersecurity

Canadian cybersecurity is languishing due to poor communication and disappointing security investments, according to research from the Ponemon Institute.