VICTORIA – British Columbia Premier David Eby said late Wednesday that the province had identified a “high-level cybersecurity incident” involving government networks.
Officials later said the incidents were related to a directive early last week to all state employees to change their passwords immediately.
The directive was previously described as a precaution by B.C.'s Office of the Chief Information Officer in a statement suggesting the government is “regularly updating security measures.”
Eby said in a statement that the provincial government is working with the Canadian Cyber Security Center and other agencies to determine the scope of the incident, but there is currently no evidence that confidential information was compromised.
Eby said the investigation is ongoing and further work is needed to determine what information may have been accessed.
He said the Information and Privacy Commissioner had been informed about the incident.
Eby said the government would be as transparent as possible and update the public with the latest information “without compromising the investigation.”
Government officials received an email late Wednesday from Shannon Salter, deputy minister and director of public services, informing them of the incident.
“As investigations into these incidents continue, we will change passwords from 10 to 14 characters upon request and any other instructions to improve security,” the email, obtained by The Canadian Press, said. Please respond promptly.”
A statement filed last Thursday by the Office of the Chief Information Officer suggests that the initial request to update passwords earlier that week was routine.
“OCIO is taking precautions to protect government data and systems,” the statement said.
“As a security precaution…password length has been increased from 10 to 14 characters. Regularly updating security measures helps keep government data and systems safe.”
In other incidents in recent weeks, hackers targeted B.C. libraries and tried to extort payments to withhold information about patrons, and retailer London Drugs was forced to respond to a cybersecurity breach. The store was forced to close for more than a week.
Officials said officials were told there was no indication the government's case was related to the library hack or the London Drug shutdown, but said the matter was still under investigation.
— By Brianna Charlebois in Vancouver
This report by The Canadian Press was first published May 8, 2024.
canadian press
