N.S. privacy commissioner to probe data breach that affected at least 100,000

Nova Scotia’s information and privacy commissioner is launching an investigation into a security breach announced in June that compromised the private information of at least 100,000 people. 

The incident occurred after cybercriminals exploited a security weakness in the MOVEit file transfer service, which is used by provincial government departments, as well as Nova Scotia Health and the IWK Health Centre. 

Back in June, the province said the information stolen was payroll data transferred between departments, including banking details, home addresses, and social insurance numbers.

In a release Thursday, privacy commissioner Tricia Ralph wrote that the purpose of the investigation is to determine the “adequacy” of the province’s security and information practices and its response to the breach. 

The office added that prior to launching this investigation, it had received 110 privacy complaints from people whose data was compromised.

The Clop ransomware group, which has claimed responsibility for the attack, said in June that it has since deleted the data, claiming to have no interest in exposing info from public bodies. But security experts have questioned those claims.

A public report will be shared once the investigation is complete, the office said. 

MORE TOP STORIES