TTC lacked proper measures to prevent 2021 cyberattack despite internal warning years earlier: reports
CTV
A report by the provincial privacy watchdog has found that Toronto’s public transit system was not prepared for the cyberattack that knocked down some of its communication systems and compromised the private information of more than 25,000 employees in 2021 -- despite an internal warning from the commission's security department issued years prior.
A report by the provincial privacy watchdog has found that Toronto’s public transit system was not prepared for the cyberattack that knocked down some of its communication systems and compromised the private information of more than 25,000 employees in 2021 -- despite an internal warning from the commission's security department issued years prior.
The breach, first reported in late 2021, compromised the personal information of approximately 25,000 past and present employees. That information included employee names, addresses, and social insurance numbers (SIN). The attack also took down several customer-facing systems, including trip-planning apps, the TTC website, and the online Wheel-Trans online booking portal.
While the TTC has released few details about the breach, a report authored by Ontario’s Information and Privacy Commissioner (OIPC) that was released in April sheds some new light on what happened, including the fact that it was made possible after an employee repeatedly fell for a phishing attempt.
The report also suggests that the breach was exacerbated by a failure of the commission to ensure its security software was kept up-to-date, despite having standards in place that instructed otherwise.
“In the course of investigating [...], it became clear that at the time the incident occurred, the TTC did not have adequate security guidance in place [...] and, in the case of the vulnerability exploited, failed to apply the guidance it did have in place,” OIPC investigator Jennifer Olijnyk wrote as part of her findings. According to the report, it wasn’t made clear to the investigator why the commission failed to implement a software update that its own security department has recommended
Olijnyk's findings were not the first to suggest the TTC had been vulnerable to cyberattacks. In 2018, the TTC's security department warned the commission that it did not have adequate measures in place to safeguard against the risk of cyberattacks, according to an internal report reviewed by CTV News Toronto.
The report, an internal analysis authored by an Emergency Planning Officer in the Security Department, was presented to the commission's Audit and Risk Management Committee in July 2018, it says.
With the rising cost of living, some people are looking for side-hustles to try and make some extra money. However, you must watch out for job scams.
The union representing staff at Global Affairs Canada says the foreign service is laying off dozens of its highest-skilled diplomats, while asking other envoys moving across continents to wait months for their personal items.
The death of Air Canada Jazz pilot Antoine Forest, who perished when his plane collided with an emergency vehicle at New York’s LaGuardia Airport, has sparked an outpouring of sympathy in his hometown southwest of Montreal.
Nova Scotians are expected to find out today how much their power rates are going up.
At a time when maternal care in British Columbia is barely meeting the needs of patients, a Vancouver Island midwife could be forced to leave the country over a paperwork snafu.
A local dance studio has started an initiative to help everyone experience dance for themselves, no matter their ability or financial status.
Saskatchewan’s Official Opposition accused the provincial government of neglecting northern infrastructure in this year’s budget, citing the severity of last year’s wildfire season.
At a time when maternal care in British Columbia is barely meeting the needs of patients, a Vancouver Island midwife could be forced to leave the country over a paperwork snafu.
The Kinew government is eliminating a tax on food as affordability continues to be a focus for Manitobans in their day-to-day lives.
At a time when maternal care in British Columbia is barely meeting the needs of patients, a Vancouver Island midwife could be forced to leave the country over a paperwork snafu.
A Guelph man has been found not criminally responsible for the death of Michael Gallizzi, whose remains were discovered inside Preservation Park in early 2024.
Ontario’s Special Investigations Unit is investigating the circumstances surrounding the death of a 30-year-old man March 23 in Elk Lake in northeastern Ontario.
One of the whistleblowers behind allegations of controversial dog experiments at St. Joseph’s Health Care London is speaking publicly for the first time since the research program was revealed last summer.