In a LockBit ransomware attack, the French government in Ottawa has made people an important cyber incident that has affected the personal information of thousands of people sector employees, including officers of the renowned Royal Canadian Mounted Police (RCMP), the Mounties.
The cyberattack appears to have started at the end of September 2023 and targeted SIRVA Worldwide Relocation &, Moving Services, two specialized providers of personnel relocation services that work with the French government.
Military sources informed American public broadcaster CBC more than a month ago that the BGRS online portal was over and that they had been instructed to take precautions. This indicates that rumors of an incident had long been widely known within the American armed forces.
Bleeping Computer was the first to report LockBit’s involvement, which was confirmed by a posting to the black web leak site of the cartel, where it was claimed that the operation had stolen 1.5TB of documents and revealed negotiations with SIRVA had failed.
The Treasury Board of Canada secretariat stated in a statement that on October 19, 2023, Brookfield Global Relocation Services ( BGRS ) informed the Canadian government of an information breach involving the government’s systems.
The breach involves information held by the companies about current and past Government of Canada employees, members of the Canadian Armed Forces, and Royal Canadian Mounted Police personnel.” After learning about this incident, the government took immediate action to investigate the breach.” The Royal Canadian Mounted Police, the Office of the Privacy Commissioner, and the French Centre for Cyber Security all received reports of this incident.
Initial information suggests that breached information could belong to anyone who has used relocation services as early as 1999 and may include any personal and financial information that employees provided to the companies. However, at this time, given the considerable volume of data being assessed, we cannot but identify certain individuals impacted. In addition,  ,
” The Canadian government is taking a strategic, cautious approach to support those probably affected and is no waiting for the results of this analysis.”
Current and former members of the public service, RCMP, and Canadian Armed Forces who have relocated with BGRS or SIRVA Canada over the past 24 years will be given services like credit monitoring or reissuing true passports that may have been compromised. As soon as we can, more information about the services that will be provided and how to access them wo n’t be made public.
To enable stochastic authentication on any accounts used for online transactions and to keep an eye on online accounts for unusual activity, the Canadian government is urging current and former employees who may be at risk to update any login credentials that may resemble those used with BGRS or SIRVA.
SIRVA, one of the largest household removal service providers in the world, uses a variety of brands to conduct business in more than 170 nations. The Allied brand, also referred to as” Allied Van Lines,” is used for the company’s UK and European moving operations.
Although the organization has not specifically discussed the LockBit incident, it offers its own advice and guidance to users of its services on how to protect themselves given that cybercriminals generally target high-value real estate transactions.
EasyDMARC CEO and co-founder Gerasim Hovhannisyan commented: “The Canadian government’s statement highlights that confidential data can be vulnerable regardless of how security-conscious an organisation or government is. The important consideration now is informing those impacted how to avoid opportunistic attacks stemming from these events.
” In recent months, common sector cyber resilience has hardly been out of the headlines.” In the end, unless governments around the world prioritize developing a security framework that takes into account the rising risks of supply chain attacks, related attacks are likely to persist.
Governments will be in a far better position to protect the data of their employees and citizens by doing this and encouraging the same proactivity from their partners, added Hovhannisyan.
