Canadian police documents on the run
Since last week, there has been information that 38 Canadian police forces have documents that are in free circulation on the Internet.
Among them, RCMP documents are also believed to be at large.
This article will also interest you: The "BlueLeaks": the huge leak of data from the American police
Apparently this is due to cyber criminals that they voluntarily disclosed them. This incident has been going on since June, it seems. The same group of cybercriminals allegedly managed to steal information and memos from the same police officers in the United States. In all personal apartment information to police officers. This was even at the heart of a famous data leak that has been talking for weeks. A leak called the BlueLeaks, on the evening of June 19. And now we learn that it wasn't just the American police who were affected by this Data Leak problem,
"A group of hackers managed to seize documents, including internal memos and emails, from police departments across the United States. There was also personal information about some police officers. The DDOSecrets group, which claims to have received this data from members of the collective Anonymous, had revealed this information on 19 June. The leak was titled BlueLeaks. explains Katherine Brulotte for Reuter.
The Royal Canadian Mounted Police confirmed in a letter that it had also been a victim of this computer hack by 37 other Canadian police services. This stolen data is already in circulation.
According to the National Cybercrime Coordination Group (CNG3), the information stolen and then disclosed on the Internet was not sensitive enough to jeopardize any action by Canadian police forces. This data is partly related to the formation of administration as well as unclassified materials. In this way, no sensitive information concerns the leak.
In addition, the identity of the Royal Canadian Mounted Police was disclosed as a victim of this data leak, and the other 37 police forces were not mentioned in the mail. The Police Authority of Canada claims to have friends a process for us only to authenticate fruity data but also notified to those directly affected by the problem. This includes current and former employees.
It was on 18 September that the Office of the Privacy Commissioner was informed by this data leak, which is less than 3 months old. This raises concerns on this side. "We are l[le rapport]ooking at the next steps. This incident raises serious concerns given the sensitivity of the information involved. a spokesman for the commissioner's office said in a statement.
As a reminder, the National Cybercrime Coordination Group (CNG3) was established within the Royal Canadian Mounted Police last April. As the objective is to facilitate the coordination of investigative efforts to determine the extent of the security flaw leading to data leakage. Asked about the problem, Inspector Daniel Côté, the first head of CNG3, said that the partners conducting the investigation in collaboration with the institutions were able to determine the extent of the data leak. The latter notes, however: "All the information that was online was administrative in nature, so training registration, travel, things like that, so nothing secret. ».
"Administrative data can still be a risk," says Steve Waterhouse, a former computer security officer at National Defence. According to this expert, the administrative file necessarily contains information that can be used to identify the persons concerned, i.e. the police. These include names, first names and geographical addresses, etc. This may in some context compromise police officers is undercover where to put their families at risk.
For further details, the Royal Canadian Mounted Police says the information was hacked on the U.S. side. The data of Canadians has been mixed up because of a collaboration that exists between these different police forces. In other words, no police training system in Canada has been subjected to intrusion. The leak is simply American.
"As soon as we share information with our partners, we lose control. Once the data is passed on to the other party, it becomes the partner's responsibility to protect safety," notes Waterhouse.
Now access an unlimited number of passwords:
