Transport authority in Canada confirms leak of thousands of personal records due to ransomware infection

After having been the victim of a ransomware attack a few weeks ago, the Toronto Transit Commission (TTC) confirmed that the information of thousands of employees and users could have been extracted by threat actors. This transportation network, which operates the city’s bus, subway and tram systems, confirmed that the compromised records include names, addresses and social security numbers of at least 25,000 former and current employees.

The transport authorities mention that no evidence has been detected that the compromised information has been used for malicious purposes; however, all affected users will be notified and given a free subscription to a protection service against identity fraud and other variants of cyberattack.

TCC also recommends that affected users notify their respective banks and thus add an additional layer of security to their financial information.

As some users may remember, in late October a security incident disrupted some TCC computer systems. Although at the time it was confirmed that this incident was generated by an external unauthorized actor, it was not until a few days later that the transport authority revealed that it was all part of a ransomware attack.

Rick Leary, executive director of TCC, said, “On behalf of the entire organization, I want to express my deep regret for the inconvenience this incident may have caused… Organizations like ours operate with significant amounts of personal information and it is essential to do everything we can to keep these records protected.”

The official also pledged to maintain the authorities’ efforts to restore the compromised information, including the rehabilitation of external email servers and the adequate protection of personal information storage systems.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.