A significant third-party breach has compromised extensive data pertaining to Canada’s public servants, armed forces, and the Royal Canadian Mounted Police (RCMP). The breach, impacting Brookfield Global Relocation Services (BGRS) and SIRVA Canada systems, potentially exposed individuals who utilized relocation services within the Canadian government since 1999.
BGRS has managed federal relocations since the mid-’90s, overseeing tens of thousands of government moves annually, including military deployments abroad. Contracted by the Canadian government, both BGRS and SIRVA Canada provide logistical and financial support for employees undergoing location changes.
The breached data involves personal and financial information of current and former Government of Canada employees, Canadian Armed Forces (CAF) members, and RCMP personnel. The breach, spanning decades, may encompass details provided by individuals during relocation service usage.
Reports from Canadian journalists highlighted a suspected breach in late October, suggesting a cyberattack on BGRS. The breach’s sensitivity is profound, potentially encompassing personal data of all military personnel moved by Canada in the last 24 years, including troops stationed in regions like Latvia under Operation Reassurance.
Given the breach’s gravity, authorities pledged to provide credit monitoring services and cover costs for reissuing compromised passports. Additionally, affected individuals are advised to update similar login credentials, enable multi-factor authentication, and monitor financial and personal online accounts for unusual activity.
