Over 300 individuals, 200 businesses affected by P.E.I. government data breach | Canada | News

Internal government documents posted online after last week’s ransomware attack contain confidential information from over 300 individuals and 200 businesses.

The internal documents were posted on the website of a cybercriminal group, which has claimed responsibility for the P.E.I. ransomware attack. The group has also carried out similar ransomware attacks focused on other businesses and municipalities throughout North America. The documents contain the social insurance numbers and names of 339 individuals, as well as the business numbers and names of 218 corporations who have received assistance from the Province’s AgriStability program. The program provides protection for farmers from unexpected losses.

Provincial officials appear to have first learned about the data breach after being contacted by The Guardian on Monday.

The ransomware attack occurred on Feb. 23 and resulted in several government departments being locked out of their computer system due to encryption.

“Government continues to contact individuals whose personal information it is believed may have been stolen during the ransomware attack,” read a statement issued by the Department of Finance.

The statement said an investigation into is ongoing and Islanders may experience delays in accessing some programs and services.

The department has released limited information on the extent of the attacks and has not made officials available for interviews.

The Guardian has confirmed that government systems affected by the attack include the FACTS database used in provincial courts, the system used by restaurant and food premises inspectors and the system used by the Access and Privacy Services Office. By Friday, most of these systems were up and running. The Student Achieve system used by the Public Schools Branch remains down, but The Guardian could not confirm disruptions in this system were due to the ransomware attack.

Did you know?

Here are somesteps to take to protect against identity theft:

• Contact credit bureaus in order to put fraud alerts on your account.
• Change passwords for banking institutions.
• Use two-factor authentication for accounts.
• Ensure privacy settings on social media accounts are high.
• Ensure phones, or other devices are secure and password protected.
• Avoid online shopping and banking using public wi-fi.

Ransomware is a form of malware that attempts to extort a sum of money from the victim in exchange for restoring access to a computer system.

Maze, the group that posted the stolen documents online, claims to have a further 200 GB of internal files it plans to publish. Less than half a gigabyte has been posted.

Jeffrey Thomson, a senior RCMP intelligence analyst with the Canadian Fraud Centre, said the individuals affected by the data breach should be aware of the prospect of identity theft.

"It is a concerning issue. A SIN number is the key piece of information that allows criminals to carry out identity fraud," Thomson said.

Thomson said other information, including dates of birth, addresses and phone numbers, are required in order to compromise accounts or to carry out more serious forms of identity theft.

"Those are the key pieces of information to obtain credit."

David Malamed, a forensic investigator with Cooper, Green and Warren, said SIN numbers, on their own, are not enough for anyone to carry out identity theft.

"In terms of just having those two pieces of ID, a person's name and their social insurance number, it's limited the damage that can be done. You do need someone's address, date of birth,” Malamed said.

“What is possible to be done is clustering."

Malamed said clustering involves finding other pieces of information, such as one’s mother’s maiden name, date of birth or address. These are often found on social media accounts.

Thomson said individuals affected by the data breach should take steps to protect themselves from identity theft or fraud.

This could include calling credit bureaus in order to put fraud alerts on their accounts, changing passwords and ensuring personal information shared publicly on social media sites is minimal.

Beyond this, Thomson said best practices involve watching for unauthorized transactions on accounts.

Malamed said the danger of data breaches may last for years after the information is released. Personal information could be used by fraudsters after several years.

The Guardian spoke to several individuals affected by the data breach on Friday. Most had been informed of the breach by provincial staff.

Karen Rose, P.E.I.’s information and privacy commissioner, has also confirmed that her office was providing oversight to the province’s investigation of the privacy breaches.

Twitter.com/stu_neatby

RELATED:

Comments are closed.