In a recent series of alarming cyberattacks in Canada, from the audacious breach of the Liquor Control Board of Ontario (LCBO) to a significant ransomware attack on a major Canadian engineering firm, and the exposure of personal information in Nova Scotia and Alberta, a stark reality emerges – our vulnerabilities in the digital age are far-reaching. The stories illustrate that it's not a matter of 'if' but 'when' the next breach will occur, prompting a collective call to action for enhanced cybersecurity, data protection, and resilience in the face of an ever-evolving digital threat landscape.  

LCBO hacked

In Ontario, the government distributes the alcohol across the province through the Liquor Control Board of Ontario (LCBO). Last week, an unauthorized party hacked their website and embedded malicious code. As a result, a third-party collected names, credit card information and passwords of those who used the website since the malicious code was embedded. The extent of the incident is unknown. The ransomware gang responsible for the attack is also unknown. (cbcnews)

People are very concerned about this ransomware attack

When Canada’s largest bookstore got hit with a ransomware attack, no one seemed nervous or bothered. However, last week a Canadian engineering giant got hit with ransomware. They are responsible for work with the military, power and transportation infrastructure across the country.

“Black & McDonald and its subsidiary Canadian Base Operators have several multimillion-dollar contracts with the Defence Department for the support of Canadian military bases, including one signed in 2020 and valued at $157 million over 10 years.

The company, which has 5,500 employees across Canada and reported more than $1.5 billion in sales last year, also provides engineering and construction services for critical infrastructure projects, including nuclear power plants, airports and with the Toronto Transit Commission.”

People are concerned that the hackers are Russian cyber criminals. As a result, this attack poses a much larger risk to Canadian citizens.

The company refuses to comment on the hack. (ctvnews)

Let the data leak do the talking

Yellow Pages Group, a Canadian directory publisher was hit by a cyber attack. Black Hasta leaked personal information on a forum from the company. Although the company largely deals with public information, the following company information was found on the forum:

• Passports and drivers’ licenses
• Tax documents
• Sales and purchase agreements
• Budget and debt forecasting

Black Hasta claimed responsibility for the Capita cyber attack this month and the Sobeys attack last year. There is speculation that the group is rebranded Conti ransomware group. This is based on their negotiation tactics. (bleepingcomputer)

Nova Scotia's Massive Cyber Attack Exposes 100,000 Individuals to Identity Theft

In a stunning revelation, Nova Scotia has unveiled chilling details of a recent cyber attack that has left the personal information of up to 100,000 individuals hanging in the balance. This breach, targeting a file transfer service has struck at the very heart of the province, affecting teachers, students, healthcare workers, and even job applicants.

Names, addresses, dates of birth, and employment details were snatched by the nefarious hackers, plunging the victims into a state of vulnerability. As Nova Scotians grapple with the magnitude of this violation, authorities are scrambling to piece together the shattered fragments of their digital defenses. (ctvnews)

Over 1 million Albertans targeted in ransomware attack

Alberta Dental Services Corporation, a government service provider in Canada, had unauthorized access to its data. This ransomware attack exposed its clients, cardholders, brokers, and health benefit providers of over 1.4 million residents. The company quickly responded by engaging cyber security experts, and this involved paying a cryptocurrency ransom to the hackers. Fortunately, the stolen data was of limited value to the hackers, containing mainly names and identification numbers. (ctvnews)

Four Canadian government websites down after cyber attacks

Government websites in four Canadian provinces and territories namely, Yukon, Prince Edward Islands, Nunavut, and Manitoba experienced shutdowns on September 14, 2023. Yukon and P.E.I. involved denial-of-service tactics, where the websites were flooded with excessive requests. Such attacks can be used to conceal other hacking activities. Quebec recently experienced a similar cyber attack which temporarily affected some government-related websites. (theglobeandmail)

In conclusion, the recent surge of cyberattacks in Canada is a chilling reminder of the pervasive digital threats in our interconnected world. From the LCBO breach to ransomware attacks and data exposure incidents, these stories emphasize the urgency of comprehensive cybersecurity measures, transcending public and private sectors. In an age where our digital presence is integral, it's vital to prioritize robust cybersecurity, data protection, and readiness to combat the ever-evolving landscape of digital risks. These incidents serve as a collective call to action, encouraging organizations and individuals to strengthen their defenses and work towards a more secure digital future.

‍