Rideau Hall cyberbreach was ‘sophisticated’ incident, internal documents show – National

Newly disclosed documents reveal the breach of an internal computer network at Rideau Hall was described to senior government officials as a “sophisticated cyber incident” in the days before the public was told of the security lapse.

Internal government emails, obtained by The Canadian Press through the Access to Information Act, also say officials were “unable to confirm the full extent of the information that was accessed.”

Read more:

Rideau Hall internal cyber network hit by ‘breach’ — effects unclear

As a result, the Office of the Secretary to the Governor General was looking to make credit monitoring services available to employees due to concerns that sensitive personal information might have been pilfered.

All managers were encouraged “to reflect on the information holdings they manage in their respective units” and raise any concerns they might have, says a Nov. 17, 2021, draft of a message that was to shared with Rideau Hall employees.

Story continues below advertisement

In a Dec. 2 news release, the Office of the Secretary to the Governor General said there was “an unauthorized access to its internal network” and that it was working on the investigation with the Canadian Centre for Cyber Security – a wing of the Communications Security Establishment, Canada’s electronic spy service.

It mentioned efforts to improve computer networks as well as consultation with the federal privacy commissioner’s office.

Ciara Trudeau, a spokeswoman for the Office of the Secretary, said it communicated with Rideau Hall employees and “external partners who may have been affected by the incident.”

However, she declined to provide a general update on the breach, the sort of information accessed, or other details about how and why it took place.

Trudeau also would not discuss the provision of secure credit monitoring services to employees.

The internal emails indicate several senior Privy Council Office officials were advised of the breach two weeks before the event was made public.