A computer flaw has forced the Department of Finance to launch a $40,000 “cyber-investigation” to ensure the situation is “corrected”.
• Read also: The failed forecasts of Minister Girard
The contract with Enquêtes Forensik inc. was concluded by mutual agreement on July 15.
The flaw was discovered in early July, but the ministry declined to say how long it had been in place.
“The flaw was quickly corrected. The Ministry of Finance is taking all necessary means to ensure the integrity of its computer systems and the confidentiality of the data they contain,” assured Philippe Bérubé, spokesman for the government body.
Not sensitive
The ministry also affirms that “the system in question did not contain personal or sensitive information and was not linked to direct services to the population”.
A statement that raised eyebrows a computer security expert consulted by our Investigation Office.
“The fact of having hired experts of this type probably means that they had clues that something had been exploited”, analyzed the expert in cybersecurity, Éric Parent.
Vulnerabilities
Giving a contract to a private firm when there is no indication of data exploitation would be the equivalent of “doing a COVID test every time you go grocery shopping”.
“Exploitable vulnerabilities in IT, all organizations have them. It is calculated in tens of thousands. There is no need to panic: you patches the bobo”, added the president of EVA Technologies.
He also finds it not very credible that the department used $40,000 of public funds if it did not at least suspect the exploitation of sensitive information.