Authorities investigating massive security breach at Global Affairs Canada

CBC

30 January 2024 at 3:01 pm·4-min read

Global Affairs Canada was hit by a month-long data security breach that affected staff email, CBC News has learned. (Tero Vesalainen/Shutterstock - image credit)

Canadian authorities are investigating a prolonged data security breach following the "detection of malicious cyber activity" affecting the internal network used by Global Affairs Canada staff, according to internal department emails viewed by CBC News.

The breach affects at least two internal drives, as well as emails, calendars and contacts of many staff members.

CBC News spoke to multiple sources with knowledge of the situation, including employees who have received instructions on how the breach affects their ability to work. Some were told to stop working remotely as of last Wednesday.

CBC News has also seen three internal emails sent to Global Affairs staff.

"Forensic work has also progressed to help us understand the scope of the data breach," one email said. "The work is ongoing, but early results suggest that many (Global Affairs Canada) users may have been affected."

Another email said the internal systems were vulnerable between December 20, 2023 and January 24, 2024. It informed anyone who connected remotely using a SIGNET (Secure Integrated Global Network) laptop that their information may be vulnerable.

The "compromised" system was the virtual private network (VPN) staff use to access Global Affairs's Ottawa headquarters. The VPN system was managed by Shared Services Canada, the GAC notice said.

Shared Services Canada is a federal department created in 2011 to take over the delivery of email, data centres and network services for many government departments and agencies.

Global Affairs Canada confirms breach

In a statement issued Tuesday, Global Affairs Canada said an "unplanned IT outage" is affecting remote access to its network. The department said the partial outage was activated intentionally on Jan. 24 to "address the discovery of malicious cyber activity."

"Early results indicate there has been a data breach and that there has been unauthorized access to personal information of users including employees," the statement said, adding that the department is investigating the matter and contacting those affected to ensure their information is secure.

The statement also said connectivity in GAC buildings is fully functioning and that employees working remotely in Canada have been provided with workarounds.

"The department's critical services and external communication channels remain accessible and operational."

No word yet on scope of data breach

According to Global Affairs, SIGNET is the department's secure computer network. One part of the network holds personal information on shared drives, including employees' personal information. Another part holds classified information.

It's not clear whether secret information was lost in the breach, which lasted longer than a month. It's also not clear who was behind the breach.

Email traffic and files on personal and shared drives "may have been compromised," a GAC memo to staff said. GAC also said it's looking into whether "sensitive corporate information," such as credit cards and banking data, may have been breached.

Shared Services Canada and the Canadian Centre for Cyber Security — which is part of the Communications Security Establishment, Canada's cyber-security organization — are investigating the breach, GAC's email to staff said.

"Forensic work, including with these partners, is ongoing to help us understand the impact on our networks and any potential changes in the scope and in the time frame of the data breach," the GAC email to staff read.

The Lester B. Pearson Building on Sussex Drive in Ottawa is the Global Affairs Canada headquarters. It was designed to be a modernist take on the ancient Sphinx of Egypt, according to the City of Ottawa.

The Lester B. Pearson Building on Sussex Drive in Ottawa, headquarters of Global Affairs Canada. (CBC)

The office of the Privacy Commissioner said Global Affairs Canada informed it of a data breach on Jan. 26.

"We are in ongoing communication with the department to gather more information," a spokesman said in a media statement. "Following a breach notification, our office will work with federal institutions to better understand privacy risks related to the breach and ensure that the department undertakes appropriate steps, including notification of affected individuals."

Global Affairs is a 'natural target'

"A breach of that duration is bound to be serious," said Wesley Wark, a national security expert at the University of Ottawa.

"Global Affairs Canada holds a lot of classified and sensitive information ... It is a natural target for hacking but it's also vulnerable and holds important data."

Although sensitive diplomatic cables are sent using an encrypted system, a source told CBC News that some drafts of sensitive correspondence and some intelligence may have been stored in the affected drives.

"We know this information may be unsettling for many of you," said the email sent to staff. "This is an evolving situation and further information and guidance will continue to be shared as quickly as possible."

The email offers suggestions on how to safeguard "sensitive information" and encourages employees to monitor financial accounts in case of unauthorized activity.

In the interim, some Canada-based Global Affairs employees with security clearance are not able to work from home.

"This is not a permanent change to the hybrid work model, just a temporary situation until this crisis passes," the email said.

A senior diplomatic source told CBC News that on several occasions in the past year, staff were told to immediately change passwords or reboot software but were not given any further details.

Global Affairs said it's working with Shared Services Canada and the Canadian Centre for Cyber Security, which is part of the Communications Security Establishment, to restore full connectivity "as soon as possible."

Malay Mail
Police: Man sodomised by foreigner he met in PJ condo gym
PETALING JAYA, July 6 — A local man has alleged he was sodomised against his will by a foreigner he met at the gym of th...
Malay Mail
Malaysian film director Mansor Puteh dies, 70, dies in accident
PETALING JAYA, July 7 — Film director and critic Mansor Puteh, 70, passed away after the car he was driving skidded and...
Reuters
China anchors 'monster ship' in South China Sea, Philippine coast guard says
The Philippine Coast Guard (PCG) said on Saturday that China's largest coastguard vessel has anchored in Manila's exclusive economic zone (EEZ) in the South China Sea, and is meant to intimidate its smaller Asian neighbour. The China coastguard's 165-meter 'monster ship' entered Manila's 200-nautical mile EEZ on July 2, spokesperson for the PCG Jay Tarriela told a news forum. The PCG warned the Chinese vessel it was in the Philippine's EEZ and asked about their intentions, he said.
The Guardian
Portugal v France: a galactic battle lost in the black hole of one man’s ego
This Euro 2024 clash could have been an all-time great quarter-final, and instead a part of it was stolen
HuffPost
My Wife Of 26 Years Died. 6 Months Later, I Received A Call That Left Me Stunned.
"There is your life before the death of your beloved spouse and your life after. The pain never fully goes away."
CNN
Opinion: What Britain’s first Asian prime minister meant to my family
The defeat of the Conservative Party in the UK election ends Rishi Sunak’s two-year premiership. Does it also sour the story of Britain’s first Asian prime minister, asks Sunder Katwala.
Malay Mail
Immigration nabs 75 in Klang Valley prostitution crackdown
KUALA LUMPUR, July 6 — The Immigration Department conducted a crackdown on a foreign prostitution syndicate in the Klang...
Cosmopolitan
Jennifer Lopez's Family Want Her to "File for Divorce First and Get On With Her Life"
Jennifer Lopez's family want her to "file for divorce first" from Ben Affleck and get on with her life.
Yahoo News UK
Seven moments over 14 years that destroyed the Conservative government
The Tories have lost the 2024 general election with the worst results in the party's history. Here are the key moments that brought them down.
Malay Mail
In Section 19 PJ, the newly-opened Jing Cheng Beijing Roasted Duck scores a hit with Beijing-style roast duck
PETALING JAYA, July 7 — Earlier this year, I wrote about The Golden Time, one of the five restaurants located on the gro...
RFI
Carmakers unhappy after EU hits China with tariffs on electric vehicles
The European Union has slapped extra provisional duties of up to 38 percent on Chinese electric car imports because of "unfair" state subsidies, despite Beijing's warnings the move would unleash a trade war. But company reps in both China and Europe are critical of the steps. Brussels launched an investigation last year into Chinese electric vehicle manufacturers to probe whether state subsidies were unfairly undercutting European automakers.Since announcing the planned tariff hike last month, o
INSIDER
Kamala Harris won't save Democrats if she takes over for Biden, warns historian who correctly predicted 9 of the last 10 elections
Professor Allan Lichtman told WSJ that based on his election model, President Joe Biden remains the Democrats' best shot for the White House in 2024.
The Telegraph
British Jews have reason to be frightened. This time it’s not Labour
On October 8, as the world was beginning to comprehend what had just happened in southern Israel, most decent people – including many who would go on to decry Israel’s retaliatory campaign – expressed genuine horror at what Gaza’s Islamist barbarians had done. But a substantial minority was openly cheering. Not just in Turkey and Iran, but in Toronto and London.
Malay Mail
Umno veterans question low Chinese voter turnout at Sg Bakap
KUALA LUMPUR, July 7 — The Umno Veterans Club today expressed concern over the low turnout of Chinese voters during the...
The Independent
The shocking true story of a Utah woman who poisoned her bestie after she took out a life insurance policy
Janie Lynn Ridd and her roommate Rachel had been best friends for 25 years. But after Rachel became deathly ill numerous times without any explanation, she discovered her best friend had been trying to poison her with a strain of antibiotic-resistant bacteria. Martha McHardy reports
Malay Mail
Big fat weddings off the cards for Malaysian couples as cost of living bites post-pandemic
KUALA LUMPUR, July 6 — Malaysian couples prefer tying the knot in close-knit and moderate wedding ceremonies as cost of...
The Telegraph
Ukraine goes to war... with Western moneymen
For months, the West’s most respected military experts have been insisting that Vladimir Putin’s war machine is close to running out of steam in Ukraine. However, it is a prediction that seems completely at odds with the reality of life for millions of Ukrainians living close to the frontline.
People
New Royal Ride! Prince William Spotted Zooming Into Windsor Castle on Electric Scooter in Rare Sighting
In a rare royal sighting, the Prince of Wales was seen riding up Windsor Castle on his new mode of transportation
The Telegraph
Wout Weghorst Netherlands’ saviour as they repel Turkey onslaught to claim Euro 2024 semi-final spot
He did not score this time but super-sub Wout Weghorst was the Netherlands’ saviour once again as they survived a Turkey tsunami to set up a mouthwatering European Championship semi-final against England.
INSIDER
Israel is inching toward a wider war and a nasty fight against an enemy poised to bombard it as no other foe has
Israel and Hezbollah have regularly exchanged fire for months, but increasingly escalatory rhetoric has raised fears of a wider conflict.

Latest stories