Suspected state-sponsored hackers hit 22 Canadian provincial government inboxes

A suspected state-sponsored hack of government systems in British Columbia, Canada’s westernmost province, is believed to have affected 22 email inboxes containing sensitive information about 19 people, a minister said on Monday.

Mike Farnworth, the province’s public safety minister, told journalists that there was currently “no indication that the general public's information was accessed,” as reported by the country’s public broadcaster CBC.

“We have not identified any misuse of this information or found evidence that the actor accessed specific files,” Farnworth added.

The minister said none of his cabinet colleagues were impacted by the hack, which Shannon Salter, the province’s deputy premier, previously described as conducted by a state-sponsored actor that made three attempts to compromise government systems.

“These were employee files. And with one exception being an employee who had family on their inbox,” said Farnworth. “All the individuals have been notified and will be receiving credit monitoring and identity protection supports."

The identity of the state that may have been behind the incident remains unclear, but it follows the Canadian Security Intelligence Service (CSIS) last week publishing an annual report including a warning about persistent Chinese interference in Canadian political affairs.

“Canada’s strong democratic institutions, advanced economy, innovative research sectors, and leading academic institutions make Canada an attractive target for cyber-enabled espionage, sabotage, and foreign influenced activities, all of which pose significant threats to Canada’s national security,” the report stated.

Chinese state-sponsored threat actors were cited in the report which warned these groups “continue widespread cyber espionage against a range of sectors and targets within Canada, including government, academic institutions, private industry and civil society organizations.”

The CSIS also identified India, citing “the deterioration in the bilateral relations” between the countries following the potentially Indian state-sponsored assassination of Sikh separatist Hardeep Singh Nijjar, which took place in British Columbia in 2023 — the same province as these three cyberattacks.

However the report stated that to-date CSIS had observed only “low-sophistication cyber operations against Canada by India-aligned non-state cyber actors. There is no indication that the Government of India was responsible for these cyber incidents.”