A union that represents public sector workers in Ontario says it was hit by a “cybersecurity incident” on Wednesday but it cannot say what data, if any, was compromised by the attack.
The Ontario Public Service Employees Union (OPSEU), which has 180,000 members across the province, said an investigation has begun into the attack, which was reported to members on Thursday.
“All signs point to this being an attack by sophisticated actors,” Kelsea Mahabir, spokesperson for OPSEU, said in an email on Friday.
Mahabir said the incident was not a failure of the union’s IT teams or systems.
“Upon discovering the incident, we immediately implemented countermeasures to contain the incident and engaged third-party cybersecurity experts to assist with containment, remediation and to conduct a thorough investigation to assess the cause and extent of this incident.”
If the investigation finds any personal information was impacted, OPSEU says it will notify those affected “promptly.”
On Sunday, Mahabir said the union had regained access to its communication tools and was in the process of restoring its servers.
“We’re getting closer to a return to normal,” Mahabir said in an email.
In a message on its website, dated Thursday, the union blamed an “unauthorized third party” for accessing its IT systems.
“Our investigation is still in its early stages. We are conducting a thorough review and validation of our systems as part of this incident and are gradually bringing them back online,” the union said in the message.
The union added that it is working with outside lawyers and the police, and its members should expect disruptions to normal operations.
It encouraged members to monitor their financial accounts and contact their banks immediately if they notice any suspicious activity. Members are also urged to be cautious of “unsolicited communications that request personal information” or that direct them to a web page asking for such information.
Toronto police directed all questions about the incident to the union.
Image by Freepik
