250,000 construction workers victims of data breach

Around 250,000 construction workers are potentially victims of an international data leak affecting a medical insurance provider of the Commission de la construction du Québec (CCQ). Several bank account numbers as well as claim summaries have leaked into the hands of hackers.


The CCQ announces that it will offer affected workers a free 24-month monitoring program with Equifax, similar to the one that Desjardins offered to its clients during the 2019 leak. The organization began sending letters on Monday evening information to workers affected by the post.

The leak, the work of a group of hackers called “Cl0p”, dates from last June. It was the provider Moveit, a secure file transfer software, which was the target. Information theft has affected more than 60 million people around the world to date, according to the firm Emsisoft.

However, it was only on October 13 that the CCQ said it had confirmation that the data of 250,000 workers who subscribe to its Médic Construction group health insurance plan had been exfiltrated by hackers. “On October 24, we knew more precisely who was affected, and what is the nature of the information that leaked,” explained to The Press the CEO of the Commission, Audrey Murray.

In addition to first names, last names, residential addresses and telephone numbers, the stolen data also potentially includes workers’ bank account numbers. “In some cases, health care claim summaries have also been hacked,” said Audrey Murray. However, no social insurance number would have been stolen, since these were not used to identify participants on the platform.

“We monitored the dark web when we learned of the hack, and we believe that the data did not travel,” added the spokesperson.

Six months after the incident

Why did it take six months before the CCQ had confirmation of data theft? “These are questions that I ask myself too. We have entrusted a mandate to an external firm to shed light on this subject,” said Audrey Murray.

The organization, which administers social benefits and the retirement plan for construction workers, specifies that it was the system of a subcontractor, Greenshield Canada, which was affected by the attack. The CCQ’s computer systems were not directly affected.

Other victims

The hacking of MOVEit by Cl0P pirates caused other victims in Quebec. Among them: the insurer Beneva, hit through Ernst & Young. The accounting firm, which provides external audit and financial statement services, was using MOVEit to transmit its client’s data when it fell victim to Cl0p hackers.

“Beneva worked in close collaboration with EY representatives, in particular for the transmission by EY of opinions to the people concerned,” explained Danielle Rioux last August. It was very important that they were supported in this situation and that they received a credit monitoring service as quickly as possible. »

EY itself undertook to notify affected clients in August. In a letter to a Beneva policyholder that La Presse obtained in August, the firm mentioned that the stolen information could include the date of birth, salary, medical condition as well as the amounts of pensions paid.

In Ontario, data from BORN, a Ministry of Health birth registry, was also compromised in the MOVEit hack. Hackers were able to steal information on 3.4 million mothers and children, including personal health information from fertility and child care clinics.

The MOVEit leak also affected the Canada Revenue Agency, but the organization assured CBC last summer that the stolen data was either already public or encrypted, therefore unreadable.

A subsidiary of the Montreal engineering firm WSP also had “a small amount of information” stolen. The data, however, excluded any personal or sensitive information, assured Sandry Vassiadis, head of global communications, last August.


source site-60

Latest