Toronto Zoo: Reported Breach MR24-00003
The Toronto Zoo experienced a ransomware attack that compromised the personal information of a significant number of employees, volunteers, donors, members, and guests. This unauthorized access led to data being encrypted, stolen, and then posted on the dark web. The breach revealed gaps in the Zoo's security and information practices at the time of the attack. Learn how the Zoo responded and how the matter was resolved at the Early Resolution Stage by reading the full closing letter.
Toronto District School Board Cyberattack of Test Lab Environment
A cyberattack on the TDSB’s “test lab environment” exposed vulnerabilities in its systems that contained a significant number of individuals’ personal information. Read the closing letter to learn about how the case was settled at the Early Resolution Stage.
Innomar Strategies Cyberattack: Review of Security Practices and Recommendations
A cybersecurity attack on Innomar Strategies’ systems resulted in the exfiltration of a significant number of individuals’ personal health information. The threat actor(s) gained access to an affiliate through a system vulnerability and moved laterally to gain access to Innomar’s systems. Read the closing letter to learn about how the case was resolved at the Early Resolution Stage.
Toronto District School Board Cyberattack: Recommendations for improved security
A social engineering attack at a TDSB high school led to the unauthorized access of personal information belonging to current and former students, parents and staff across several schools. The threat actor gained unauthorized access to the affected schools’ systems by obtaining the login credentials of a school’s Vice-Principal (VP) through a social engineering attack and obtaining the login credentials for their OneDrive account from a browser cache connected to the Vice-Principal. The breach resulted in several recommendations to the TDSB by the IPC that will assist in improving its security posture.
Toronto Public Library Cyberattack: Importance of reasonable security measures and notifying affected individuals under MFIPPA
A cyberattack on the Toronto Public Library exposed vulnerabilities in its systems that contained a significant number of individuals’ personal information. Read the closing letter to learn about how the case was settled at the Early Resolution Stage.
Cyberattack of a prescribed person: IPC report highlights breach response and details the indirect notice method used to reach affected individuals
A prescribed person under the Personal Health Information Protection Act reported a breach to the IPC regarding a cyberattack that involved the unauthorized copying of approximately 3.4 million individuals’ personal health information from the prescribed person’s secure file transfer server. The threat actors gained unauthorized access to the server by exploiting a zero-day vulnerability in the file transfer software, MOVEit, that was installed on this server.
Durham Region Cyberattack caused by a vulnerability in Accellion File Transfer Appliance software
Durham Region experienced a cyberattack traced to the region’s use of Accellion File Transfer Appliance (FTA) software, a product that has been linked to breaches in organizations around the world as part of a massive spree of cyberattacks.
Older technology that uses outdated designs and components can provide an open door for cybercriminals to gain access to sensitive data. While moving from legacy systems to new systems may pose financial and/or operational challenges for organizations, it is important to keep up with evolving technology in order to take advantage of the latest security features. This incident also serves to highlight the importance of monitoring computer networks for abnormal activity, often the first sign of large-scale data theft.