Cyber-Breach Hits Government Employees
An investigation of a serious cyber-breach revealed that only employees of the provincial government — past and present — may have been affected.
The Province has determined that the personal information of many employees of Nova Scotia Health, the IWK Health Centre, and the public service have been stolen in the MOVEit global cybersecurity breach.
So far, the investigation indicates that social insurance numbers, addresses, and banking information were stolen.
This information was shared through the MOVEit file transfer service because this service is used to transfer employee payroll information.
The investigation has not yet determined how many employees have been impacted, but initial estimates suggest as many as 100,000. More specific numbers will be provided as the investigation continues.
The Cyber Security and Digital Service Minister says, “We know people are concerned, and we are, too. We are now working to identify each person who has been impacted, and once we do, we will notify them.” Colton LeBlanc added, "We're working as quickly as we can. We will continue to provide updates as we learn more.”
Notification will begin in the coming days and continue over the coming weeks, as staff manually go through each file and identify the people involved.
Current and former employees should watch their banking information closely and look for suspicious transactions. They may wish to contact their banking institution proactively.
The Province will be offering credit monitoring service to those impacted.
The MOVEit service went back online late Monday afternoon, June 5. Additional security updates and monitoring have been installed.
MOVEit was taken offline June 1 for a security update, then taken offline again on June 2 for further investigation.
Scammers often use incidents like this to prey on people. People are reminded the Province will not ask for social insurance numbers, MSI numbers, banking information, or money.
Those who think they have been hacked should immediately change passwords and update any versions of browsers, apps, and software available for their devices.
People should also watch their banking and credit card records and consider notifying their financial institutions.
Add your comments below.