MOVEit cybersecurity breach cost Nova Scotia nearly $4M
On the eve of the anniversary of a massive, world-wide cybersecurity breach, the Nova Scotia government says the response to the MOVEit hack cost the province $3.8 million.
The breach occurred May 30 and May 31, 2023, and affected multiple organizations and millions of people around the globe.
The online hack involved a file transfer service called MOVEit, which is used by the private sector and governments, including Nova Scotia.
The software is made by Burlington, Massachusetts-based company Ipswitch and allows organizations to transfer files and data between employees, departments and customers.
In a news release Wednesday promoting the final report into the online hack, Nova Scotia’s minister in charge of Cyber Security and Digital Solutions said the province has learned a number of lessons from the MOVEit breach.
“We made changes immediately, and we’ll continue to strengthen our defences to keep Nova Scotians’ information as safe as we can,” said Colton LeBlanc.
After the U.S. company initially notified the government of Nova Scotia of a critical vulnerability within its system, the province took the service offline and issued more than 168,000 notification letters Security updates were installed, allowing for the province to bring the service back online.
In its release, the Nova Scotia government says the province is committed to further action on the evolving issues around cybersecurity.
“I’d love to be able to say we will never face another cybersecurity breach,” LeBlanc said. “Cyber threats are unfortunately a reality in the world we now live in. Everyone – governments, private companies and people – are all at risk. We must take steps to protect ourselves.”
According the province, an analysis of the breach confirmed stolen files contained sensitive personal information such as social insurance numbers and banking details for some employees, as well as the personal health information of 1,923 patients.
The province sent out more than 168,000 notification letters to Nova Scotians whose personal information was caught up in the breach. Credit monitoring from TransUnion was offered to those whose sensitive personal information was stolen and some 30,000 people signed up for the service.
Up to this point, the province says it has not been made aware of anyone who has had their personal information used inappropriately as a result of the MOVEit breach.
Last August, the province said certified teachers born in 1935 or later were among those whose personal information was stolen, which included personal details about deceased people.
In June 2023, a group known as Clop, which claimed to be behind the attack, said they deleted all the stolen data from governments, cities, and police services but are keeping information from private companies.
Cybersecurity expert Scott Beck told CTV News Wednesday this breach showed that in this day and age, it’s not a matter of if it will happen, but when.
“How well you respond determines how bad the impacts will be,” he said. “While It’s important to try and prevent incidents from occurring, it’s even more important to detect when something doesn’t look right so you can respond quickly to minimize the impacts.”
Beck said while this incident shows the province has room to improve, Nova Scotia took the right steps after the fact.
Nova Scotia continues to use MOVEit, which it says is essential to delivering core government services. However, in its final report, the province said there is enhanced security within the file transfer system.
Other final report recommendations include:
- Improving how data is classified and managed.
- Ensure enhanced capacity to respond to large-scale breaches.
- Requiring all staff to take mandatory cybersecurity awareness training every year.
For more Nova Scotia news visit our dedicated provincial page.
CTVNews.ca Top Stories
![](https://www.ctvnews.ca/polopoly_fs/1.6975012.1721775341!/httpImage/image.jpg_gen/derivatives/landscape_800/image.jpg)
Canadian Olympic Committee offers 'heartfelt apology' after New Zealand accuses Canada Soccer of spying
The Canadian Olympic Committee offered a 'heartfelt' apology to New Zealand Football Tuesday after the New Zealand women's club accused the Canadian women's team of spying on them during a training session.
Jasper evacuees forced into B.C. to flee fires told to make U-turn to Alberta for aid
Thousands of wildfire evacuees forced from Jasper National Park into British Columbia along smoke-choked mountain roads Monday night were directed Tuesday to make a wide U-turn and head home if they needed a place to stay.
Pennsylvania state police commissioner reveals stunning details about Trump shooting
A local law enforcement commissioner revealed during a House Homeland Security hearing on Tuesday stunning new details about the security failures that led to the near assassination of Donald Trump, raising more questions for the embattled U.S. Secret Service.
Sunday was the hottest day ever recorded on Earth, scientists say
Sunday was the hottest day ever recorded, breaking global temperatures dating back to 1940, according to preliminary data from Europe's Copernicus Climate Change Service.
Polar bear at Calgary Zoo died by drowning following 'crushing' injury
The Wilder Institute/Calgary Zoo has revealed the cause of death for polar bear Baffin last week.
Clip resurfaces of Vance criticizing Harris for being 'childless,' testing Trump's new running mate
Comments Donald Trump’s running mate JD Vance made in 2021 questioning U.S. Vice President Kamala Harris’ leadership because she did not have biological children have resurfaced, testing the young conservative senator in his early days campaigning as part of the Republicans' presidential ticket.
'Bigger than just the record': Football fan eyes world record for quickest visit to all CFL stadiums
A CFL super fan is two-thirds of the way into his record-breaking attempt to visit all nine stadiums in the Canadian Football League in 15 days.
Laws that could get Canadians in trouble in tourism hotspots
There are some laws in popular tourist destinations around the world that could land Canadian travellers in mild-to-serious trouble if they're not careful. Don't let these local laws land you in hot water during your next vacation abroad.
'Stars are aligning' for Bank of Canada rate cut: economists
The Bank of Canada is expected to deliver a dose of interest rate relief Wednesday when economists and market watchers predict the central bank will cut its overnight lending rate.