Several government departments in Canada have compromised the personal information of 144,000 individuals across 7,992 data breaches that occurred over the past two years, according to a report from the Canadian Broadcasting Corporation (CBC). The Canadian government stated that the information breached while answering to an order paper question filed by Conservative MP Dean Allison last month.
According to report findings, the Canada Revenue Agency (CRA) suffered a greater number of cyberattacks with 3,005 data breaches which affected 60,000 Canadians’ information. The CRA blamed the breaches on security issues, misdirected mail, and employee misconduct. Health Canada reported the second-highest number of data breaches with 122 breaches, affecting 23,894 individuals. The report also revealed that the Public Health Agency of Canada (PHAC) was responsible for seven breaches that affected 3,725 individuals.
Etienne Biram, CRA spokesperson, said, “We consider a single privacy breach to be one too many. Two-thirds of the total individuals affected were as a result of three unfortunate but isolated incidents.”
The other government entities that reported data breaches include the Public Services and Procurement, which experienced 164 breaches, with 5,149 affected; Employment and Social Development Canada suffered 1,421 breaches, affecting 3,586 individuals; Department of National Defence (DND) was responsible for 170 breaches, with 2,273 individuals affected; Immigration saw 3,005 breaches, affecting 4,268 individuals.
“As it stands, federal departments only have to alert affected individuals in the event of material breaches–cases involving sensitive personal information, which reasonably could be expected to cause serious injury or harm to an individual, or ones affecting large numbers of people,” CBC stated.
Data Breaches Increased in Canada
Earlier, the office of the Privacy Commissioner of Canada revealed that around 680 security breaches were reported in 2019, which is six times the volume received during the same period in 2018. It’s said that the number of Canadians affected by a data breach is more than 28 million, in which 58 percent of reported breaches involved unauthorized access.
The number of reported data breaches in Canada increased by six times after the country implemented a breach-reporting regulation. The new regulation, the Personal Information Protection and Electronic Documents Act (PIPEDA), went into effect on November 01, 2018. As per the regulation, Canadian companies are required to report all the details of data breaches that occurred within the organization. They also need to notify affected individuals and keep records of all data breaches.