Sensitive personal data ‘may’ have been accessed during B.C. cyberattack: gov’t

The B.C. government says a series of cyberattacks on the provincial IT systems earlier this spring may have led to “sensitive personal information” being accessed.

Public Safety Minister and Solicitor General Mike Farnworth delivered an update on Monday, explaining those affected are all public service employees, barring one, who had family information in their inbox.

​​​​​​​​​​​​​​​​​​​​ Listen to CityNews 1130 LIVE now!

---

“At this time, we have no indication that the general public’s information was accessed. We have identified any misuse of this information or found evidence that the actor accessed specific files, but all the individuals have been notified and will be receiving credit monitoring and identity protection supports,” Farnworth said.

In May, the premier said the government was the target of “sophisticated cybersecurity incidents.” The BC Public Service added that it believes with a “high degree of confidence” that those behind the attack were a “state or state-sponsored actor” over the course of a few weeks.

Twenty-two email accounts, for a total of 19 individuals, were targeted in the attack, Farnworth said, adding that due to the investigation, he is unable to share which departments the individuals may be from.

“We know that cyber-attacks are increasing or have been increasing, not just here, but in fact, it’s a global issue, both in terms of governments and the private sector. What we want to ensure, is that we are doing everything we can, that our systems are being updated as quickly as possible, as when we become aware of things that are happening,” he said.

Farnworth was unable to confirm how the cyberattack occurred but shared that the province has 76 people working on “ensuring technology and the security of networks” across government departments.

“This is an issue that the government takes very seriously. It’s why investments, significant investments, were made three years ago to ensure that the integrity of our systems is not compromised by having the latest technology.”

Last month, the province said it didn’t believe any sensitive information was compromised, adding it hadn’t received any requests for ransom payments.

“This is not a ransomware attack from what we have been advised. This has been a very sophisticated attempted attack incident, and one of the things that has given that is cyber experts have told us is the way in which they tried to cover up their tracks,” Farnworth said May 10.

“What I can tell you is it became evident to the technical experts within government and through the Canadian Centre for Cyber Security, as well as the private sector, Microsoft, detection and response team, that what they were seeing while investigating … that this was a very sophisticated operation.”

The head of the BC Public Service said Premier David Eby was briefed on the issue in mid-April, adding incidents were discovered throughout that month, as well as into May.

Political opponents have slammed the BC NDP for how it relayed information about the cyberattacks. A day after word of the incidents were shared by the province, politicians sparred in question period, with BC United saying the NDP had “concealed a massive cyberattack on the provincial government for eight days.”

We’ll have the latest from the province’s update Monday both on-air and online. Stay with CityNews for the latest.