Report Shows Personal Info On 144K Canadians Breached By Federal Entities: Expert Comments

It was recently reported that information on 144,000 Canadians was breached by 10 federal departments on almost 8,000 occasions in the past 2 years alone.

The Canada Revenue Agency (CRA) saw the most individuals affected, with 3,020 breaches involving 59,065 individuals. The CRA blames the breaches on misdirected mail, security incidents, and employee misconduct. “Two-thirds of the total individuals affected were as a result of three unfortunate but isolated incidents,” the publication quotes a CRA spokesperson as saying. Next was Health Canada, which was responsible for 122 breaches, affecting 23,894 individuals. According to CBC, the agency said in its “most serious” breach, a government employee mistakenly received an email containing personal information. That person immediately notified the appropriate officials at Health Canada and deleted the email, the report said. The Public Health Agency of Canada (PHAC) was responsible for seven breaches that affected 3,725 individuals; similarly, Environment was responsible for seven breaches, seeing 6,028 affected.


EXPERTS COMMENTS
Tim Erlin, VP of Product Management and Strategy ,  Tripwire
February 18, 2020
There are literally tens of thousands of smaller breaches in the report, and it’s difficult for anyone to work to prevent similar incidents.
While massive breaches involving hundreds of millions of records grab headlines, it’s incredibly important to have transparency in these types of incidents as well. There are literally tens of thousands of smaller breaches in the report, and it’s difficult for anyone to work to prevent similar incidents in the future without knowing that they’re occurring now. Thwarting malicious hackers a ....
[Read More >>]
Paul Bischoff, Privacy Advocate,  Comparitech
February 18, 2020
Even the most well-equipped organizations can do little to stop employees from accidentally emailing the wrong person.
The report is a good example of how most data breaches are caused by human error and not by hackers overcoming cybersecurity measures. Even the most well-equipped organizations can do little to stop employees from accidentally emailing the wrong person. Most reports on data breaches only cover incidents that reach a threshold of people affected, which only allows us to see big breaches of, say, ....
[Read More >>]
Martin Jartelius, CSO ,  Outpost24
February 17, 2020
These breaches should not be seen as failures, but incidents to learn from.
These breaches should not be seen as failures, but incidents to learn from. The fact that so many are reported is either a failure on behalf of the agencies on proper data management, but far more likely this is the result of a matured incident reporting. Looking to just our own experience, even where legislation is in place demanding breach notifications, even government agencies struggle to do w ....
[Read More >>]
Felix Rosbach, Product Manager,  comforte AG
February 17, 2020
Unfortunately, there is no silver bullet for cyber security.
With more and more regulations coming into play and evolving, government agencies are not only facing cross-regulatory compliance challenges. Home-grown applications, legacy infrastructure and silos make it hard to implement robust security. Unfortunately, there is no silver bullet for cyber security. We all know that. Looking at recent breaches and an ever increasing attack surface, classic per ....
[Read More >>]

If you are an expert on this topic:

Dot Your Expert Comments

SUBSCRIBE to alert when new comments are posted on this news. :




In this article