The Treasury Board Secretariat (SCT) has asked the Sûreté du Québec (SQ) to investigate a leak of personal data from public service application processes.
In total, the personal information of 31,450 individuals is affected by this breach of confidentiality, the ministry said in a statement on Wednesday.
The SQ investigation will determine the impact of this breach of confidentiality. At present, there is no indication that this data has been used for malicious purposes, said Antoine Tousignant, spokesman for the SCT.
“We want to reassure the people concerned, these are people who were invited to qualifying exams to enter the government between 2007 and 2012, he said in an interview. It’s very preventive, like an operation. »
Found at an employee’s
Work documents that belong to the Government of Quebec as well as files that contain personal information were found on external computer media, at the home of an employee, contrary to the security practices in effect.
“It is not a recommended or recommended practice to have documents, data like that, in your possession,” said Mr. Tousignant.
It was not possible to know whether sanctions were imposed on the employee concerned.
The information targeted by this breach of confidentiality comes from databases linked to the candidate qualification process. In the vast majority of cases, the data found are the surname, first name and social insurance number.
The leak of this information was not caused by an attack on the department’s computer systems. “The reliability of computer systems is not called into question, we are not talking about intrusion, it is the human being who is at stake in this,” said Mr. Tousignant. As government employees, we all have important responsibilities with regard to the protection of personal information. »
The people affected by this breach of confidentiality will be informed by letter in the coming weeks. According to the conclusions of the investigation, the Conseil du trésor will implement the necessary support measures for these people.
The Information Access Commission and the Government Cyber Defense Center have been notified of the situation.
According to the Treasury Board, measures have been put in place to prevent such a situation from happening again.