The Canadian government reports a data breach after hacking by contractors

According to the Canadian government, confidential data belonging to an unspecified number of federal personnel was exposed due to hacking into two of its contractors.

The breaches that took place last month affected SIRVA Worldwide Relocation & Moving Services and Brookfield Global Relocation Services (BGRS), two companies that provide relocation services to Canadian government personnel.

Information belonging to a wide range of impacted persons, including members of the Royal Canadian Mounted Police (RCMP), members of the Canadian Armed Forces, and employees of the Government of Canada, is kept on compromised BGRS and SIRVA Canada systems and dates back to 1999.

The LockBit ransomware group has already acknowledged credit for breaking into SIRVA’s computers and leaking what they claim to be archives holding 1.5TB of stolen records, even though the Canadian government has not officially assigned blame for the crime.

Additionally, LockBit released the transcripts of its unsuccessful talks with purported SIRVA executives.

“All of their data, according to Sirva.com, is only worth $1 million. “We have three complete backups of CRM for the EU, NA, and AUS branches + over 1.5TB of leaked documents,” the ransomware gang writes in a post on its dark web data leak website.