Sirva Data Breach: What & How It Happened?
Twingate Team
•
Jun 20, 2024
In a past incident during September and October 2023, a data breach impacted BGRS and SIRVA Canada systems, affecting a range of Canadian government employees, including members of the Canadian Armed Forces and Royal Canadian Mounted Police. The breach exposed personal and financial information of individuals using relocation services from these companies. The Canadian government responded by implementing measures like re-issuing passports and offering credit monitoring to those affected.
How many accounts were compromised?
The data breach impacted 480,000 individuals.
What data was leaked?
The data exposed in the breach included personal information of Canadian government employees, such as passports, financial information, and other personal details.
How was Sirva hacked?
The LockBit ransomware gang exploited vulnerabilities in the systems of BGRS and SIRVA, two relocation services providers, to gain unauthorized access and exfiltrate 1.5TB of documents containing sensitive personal information of Canadian government employees. The exact methods used by the hackers remain unclear, as the investigation is ongoing.
Sirva's solution
In response to the hack, SIRVA's specific enhanced security measures remain unclear. However, the Canadian government took immediate action to investigate the breach, reported it to relevant authorities, and is working to identify individuals potentially affected by the breach. Credit monitoring services and passport reissuance are being offered to affected individuals. Additionally, the Canadian Centre for Cyber Security is advising individuals to change passwords and enable multi-factor authentication as a precaution.
How do I know if I was affected?
It is not mentioned whether SIRVA reached out to affected users. If you believe you may be affected and haven't received a notification, you can visit HaveIBeenPwned to check your credentials.
What should affected users do?
In general, affected users should:
Change Your Passwords: Immediately update your passwords for all affected accounts. Make sure the new passwords are strong and unique, not previously used on any other platform.
Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.
Enable Two-Factor Authentication (2FA): Activate 2FA on all affected accounts. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.
Monitor Your Accounts: Keep an eye on your accounts for any suspicious activity and report any unauthorized access or transactions to the respective service providers.
Where can I go to learn more?
If you want to find more information on the Sirva data breach, check out the following news articles:
Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.
Sirva Data Breach: What & How It Happened?
Twingate Team
•
Jun 20, 2024
In a past incident during September and October 2023, a data breach impacted BGRS and SIRVA Canada systems, affecting a range of Canadian government employees, including members of the Canadian Armed Forces and Royal Canadian Mounted Police. The breach exposed personal and financial information of individuals using relocation services from these companies. The Canadian government responded by implementing measures like re-issuing passports and offering credit monitoring to those affected.
How many accounts were compromised?
The data breach impacted 480,000 individuals.
What data was leaked?
The data exposed in the breach included personal information of Canadian government employees, such as passports, financial information, and other personal details.
How was Sirva hacked?
The LockBit ransomware gang exploited vulnerabilities in the systems of BGRS and SIRVA, two relocation services providers, to gain unauthorized access and exfiltrate 1.5TB of documents containing sensitive personal information of Canadian government employees. The exact methods used by the hackers remain unclear, as the investigation is ongoing.
Sirva's solution
In response to the hack, SIRVA's specific enhanced security measures remain unclear. However, the Canadian government took immediate action to investigate the breach, reported it to relevant authorities, and is working to identify individuals potentially affected by the breach. Credit monitoring services and passport reissuance are being offered to affected individuals. Additionally, the Canadian Centre for Cyber Security is advising individuals to change passwords and enable multi-factor authentication as a precaution.
How do I know if I was affected?
It is not mentioned whether SIRVA reached out to affected users. If you believe you may be affected and haven't received a notification, you can visit HaveIBeenPwned to check your credentials.
What should affected users do?
In general, affected users should:
Change Your Passwords: Immediately update your passwords for all affected accounts. Make sure the new passwords are strong and unique, not previously used on any other platform.
Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.
Enable Two-Factor Authentication (2FA): Activate 2FA on all affected accounts. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.
Monitor Your Accounts: Keep an eye on your accounts for any suspicious activity and report any unauthorized access or transactions to the respective service providers.
Where can I go to learn more?
If you want to find more information on the Sirva data breach, check out the following news articles:
Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.
Sirva Data Breach: What & How It Happened?
Twingate Team
•
Jun 20, 2024
In a past incident during September and October 2023, a data breach impacted BGRS and SIRVA Canada systems, affecting a range of Canadian government employees, including members of the Canadian Armed Forces and Royal Canadian Mounted Police. The breach exposed personal and financial information of individuals using relocation services from these companies. The Canadian government responded by implementing measures like re-issuing passports and offering credit monitoring to those affected.
How many accounts were compromised?
The data breach impacted 480,000 individuals.
What data was leaked?
The data exposed in the breach included personal information of Canadian government employees, such as passports, financial information, and other personal details.
How was Sirva hacked?
The LockBit ransomware gang exploited vulnerabilities in the systems of BGRS and SIRVA, two relocation services providers, to gain unauthorized access and exfiltrate 1.5TB of documents containing sensitive personal information of Canadian government employees. The exact methods used by the hackers remain unclear, as the investigation is ongoing.
Sirva's solution
In response to the hack, SIRVA's specific enhanced security measures remain unclear. However, the Canadian government took immediate action to investigate the breach, reported it to relevant authorities, and is working to identify individuals potentially affected by the breach. Credit monitoring services and passport reissuance are being offered to affected individuals. Additionally, the Canadian Centre for Cyber Security is advising individuals to change passwords and enable multi-factor authentication as a precaution.
How do I know if I was affected?
It is not mentioned whether SIRVA reached out to affected users. If you believe you may be affected and haven't received a notification, you can visit HaveIBeenPwned to check your credentials.
What should affected users do?
In general, affected users should:
Change Your Passwords: Immediately update your passwords for all affected accounts. Make sure the new passwords are strong and unique, not previously used on any other platform.
Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.
Enable Two-Factor Authentication (2FA): Activate 2FA on all affected accounts. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.
Monitor Your Accounts: Keep an eye on your accounts for any suspicious activity and report any unauthorized access or transactions to the respective service providers.
Where can I go to learn more?
If you want to find more information on the Sirva data breach, check out the following news articles:
Solutions
Solutions
The VPN replacement your workforce will love.
Solutions