Canadian Privacy Commissioner Suffers Data Breach
800 current and former employees' names, salary information and government ID numbers were exposed.
CBC News reports that the Office of the Privacy Commissioner of Canada has lost an unencrypted hard drive containing approximately 800 current and former employees' salary information (h/t DataBreaches.net).
The drive was lost on Feburary 14, 2014 during the office's move from Ottawa to Gatineau, Quebec, but it wasn't until April 9, 2014 that IT staff determined that the drive contained sensitive data, including employee names, government ID numbers and salary information.
"It is certainly humbling, but we will come out of this wiser," interim privacy commissioner Chantal Bernier told IT World Canada. "We've already learned precious lessons that we will be able to apply."
While the drive was unencrypted, Bernier said the data would be hard to read without specific software. "It's codes, it's very fragmented, it's very difficult to make sense of any information," she said.
Bernier says an external audit of the office's IT functions has already been scheduled, and she's ordered an immediate review of all physical asset and security policies and procedures.
Photo courtesy of Shutterstock.