On June 20, 2019, an unknown individual gained unauthorized access to an employee email account through a phishing attack. The unknown individual set up an automatic forwarding rule such that all incoming emails were forwarded to a third party email address that appears to have originated from outside of Canada. The email address is unknown to the Organization. The Organization?s IT department determined that 1,180 emails were forwarded to the external email address between June 20, 2019 and August 27, 2019. Of those, an estimated 835 were identified as containing personal information. The breach was discovered on August 27, 2019 during a routine review of Microsoft Office 365.

File Type: pdf
File Size: 612 KB
Categories: 2020