Statement from the Office of the Chief Information Officer of the Government of Canada

March 19, 2021 – Ottawa, Ontario – Treasury Board of Canada Secretariat

On March 14, 2021, the Government of Canada was made aware of a possible ransomware attack on a private company that provides services to International and Canadian clients, including to some federal departments and agencies. No cyber threat has been directed at the Government of Canada, nor its information technology infrastructure.

At this time, there is no indication that there has been any unauthorized disclosure of any personal information of Canadians handled by the company and originating from the Government of Canada.

The Treasury Board of Canada Secretariat in coordination with the Canadian Centre for Cyber Security (the Cyber Centre), along with other government departments and agencies, continues to monitor the situation and assess any potential impacts. Further updates, to inform Canadians of any developments, will follow. Should any unauthorized disclosure be discovered, the government will engage those who have been impacted, as well as privacy and law enforcement authorities. 

Knowing how to prevent and recover from ransomware attacks is an essential part of a good cyber security strategy. To help small and medium businesses and organizations protect their systems, the Cyber Centre has developed baseline security controls that can help. As always, if any Canadian businesses or organizations suspect they have been targeted by cyber threat activity, we encourage them to contact local law enforcement or the Cyber Centre.

More information on ransomware and other types of cyber threats is available through the Canadian Anti-Fraud Centre.