Third-party breaches compromise Canadian government employee data

Canada had information from an undisclosed number of current and former government employees, including those in the Canadian Armed Forces and Royal Canadian Mounted Police, exposed following data breaches impacting its contractors Brookfield Global Relocation Services and SIRVA Worldwide Relocation & Moving Services, according to SecurityAffairs. "At this time, given the significant volume of data being assessed, we cannot yet identify specific individuals impacted; however, preliminary information indicates that breached information could belong to anyone who has used relocation services as early as 1999 and may include any personal and financial information that employees provided to the companies," said the Canadian government in a breach notice. While the attackers behind the compromise have not been named, the LockBit ransomware gang has already admitted that it was behind the intrusion against SIRVA, from which it was able to exfiltrate more than 1.5 TB of data, as well as three complete CRM backups for the firm's branches in North America, Europe, and Australia.