The City of Toronto says it suffered a “potential cyber breach” from a possible attack on its Accellion FTA file transfer server in January. The leak may have compromised the health-related information of individuals.
In a statement issued yesterday, the city initially said someone notified them of a potential cyber breach related to an unnamed “third-party” file transfer software vendor that took place on Jan. 22. Later, the city staff confirmed in a comment for IT World Canada that the incident involved Accellion’s software.
Answering a question why it took so long to publicly reveal the incident, a city spokesperson said they couldn’t make an official statement until the office of the chief information security officer (CISO) has finished investigating. The CISO issued a report about the investigation on April 20.
“It takes time to reach any sort of conclusion in view of the legacy system that was breached and the extent of investigation required,” the spokesperson said.
Exactly how many people’s personal information was exposed is still unknown and being investigated, according to the spokesperson. She added the city has not received any ransom demand and nor did any individual that they are aware of as a result of this breach.
In its statement, the city said its security team took immediate action and shut down access to the software that same day. The city’s CISO immediately launched an investigation to see if any data might have been compromised.
The city has reported the incident to the local Information and Privacy Commissioner.
“The city is obligated to notify the IPC in any instances where personal health information is impacted,” the spokesperson said. “The IPC was notified because there is the potential that personal health information was accessed.”
The city of Toronto promised to notify its citizens if it would be determined they had been impacted in the attack.