Hackers have obtained personal information on all Investissement Québec employees, it has been learned The newspaper.
• Also read – Investissement Québec: “Fees” multiplied by four
“One of our suppliers was the victim of a confidentiality incident,” a spokeswoman for state-owned company Gladys Caron confirmed, refusing to identify the company involved.
“Of course, as soon as we became aware of the situation, we launched an investigation to understand the implications and what happened in the case,” she continued.
IQ currently has just over 1,000 employees. The hackers also had access to data on an unknown number of ex-employees.
“All of our teams are mobilized to ensure employees are offered support with credit monitoring services, identity protection and all that,” Ms. Caron said.
No customers affected
She assured that no IQ customer was affected by the data leak.
IQ wouldn’t reveal the type of information the hackers had access to, but according to Karim Ganame, cybersecurity specialist and president of the company StreamScan, it’s likely the victims’ first name, last name, social security number, and date of birth.
“It’s the data that makes identity theft possible,” observed Mr. Ganame. All this data combined is a gold mine for a hacker.
According to the expert, the criminals were probably involved for a long time.
“They dig into the systems [de l’organisation ciblée] to end up in the right database containing the data you want, he explained. This means that in reality the attacker was probably on the network for a long time.
IQ told the Journal that, to its knowledge, the stolen data has not yet landed on the “dark web”, which is not surprising given the circumstances.
“Pirates are in no hurry. They wait a few months, a few years for the storm to pass,” Karim Ganame recalled before using the stolen data.
Do you have any information about this story that you would like to share with us?
Do you have a scoop that might be of interest to our readers?