Province identifies more groups impacted by MOVEit cybersecurity breach
Posted Jun 14, 2023 01:54:07 PM.
Last Updated Jun 14, 2023 02:24:26 PM.
Nova Scotia’s Cyber Security and Digital Solutions Minister, Colton LeBlanc, announced Wednesday the investigation continues into the MOVEit global cybersecurity breach. The Province says it has begun identifying groups of individuals and organizations impacted by the breach, and notification letters will be sent starting at the end of the week.
Minister LeBlanc said the investigation is still in its early stages of identifying affected individuals, but the Province aims to inform Nova Scotians whose personal information has been compromised promptly. The letters will contain details about the arrangements for a free fraud protection and credit monitoring service, urging impacted individuals to register.
“Now that we have a better understanding of those impacted, we can start sending letters to Nova Scotians who have had personal information breached,” said Cyber Security and Digital Solutions Minister Colton LeBlanc. “The letters will include information about the arrangements we have made for a free fraud protection and credit monitoring service. We urge everyone who is impacted to register.
“I want to remind all Nova Scotians that identity theft is a sad reality in the digital age. Whether you have been impacted by this breach or not, please keep a close eye on your financial transactions, change your passwords regularly, and take steps to protect yourself.”
The Minister says several groups that have been affected by the breach. This includes approximately 13,000 active employees of regional centres for education and the Conseil Scolaire Acadien Provincial, comprising teachers, administrative personnel, human resources staff, and finance staff. The breached information encompasses names, addresses, social insurance numbers, pension payment amounts, and gender. The previously announced certified and permitted teachers may overlap with this group.
Furthermore, approximately 480 individuals in the Prescription Monitoring Program have been affected, with breached information, including health card numbers, personal health information, and demographic details. The Region of Queens Municipality has approximately 17,500 water and tax bill accounts impacted, exposing information such as names, addresses, account numbers, payment amounts, and balances owing. Additionally, just over 100 patients who visited the early labour and assessment unit at the IWK Health Centre have compromised their personal health information, which is limited to names, date and time of visit, and reason for the visit.
The investigation also identified five students from a Department of Labour, Skills and Immigration file whose name, address, social insurance number, phone number, and date of birth were released, along with two students whose names, institutions, and student ID numbers were compromised.
Although the voters list from Elections Nova Scotia was also on MOVEit, it was shared securely and found inaccessible, ensuring it was not compromised.
Early on, the department said that 100,000 people may have had their information stolen during the breach, but LeBlanc says he doesn’t have an exact number of individuals who have been impacted.
The Minister said the Department of Cyber Security and Digital Solutions is thoroughly reviewing the breached files. At the same time, individual government departments and organizations that use MOVEit have been provided with their respective files for review and notification of affected individuals. Due to duplications, the total number of impacted Nova Scotians remains challenging, and the count may fluctuate as file reviews continue. The investigation will take several weeks to complete before all affected individuals can be notified.
Watch Minister LeBlanc’s update: here
