Hundreds Of Thousands Of People Affected Due To Last Year’s COVID Booking System Data Breach

You might recall that there was a text message scam from last year where people who booked a COVID vaccine were getting text messages asking for all sorts of personal information. It didn’t take long for two people to get charged with being behind this scheme. And one person who was arrested was an insider as they worked for the vaccine contact centre which is part of the Ontario Ministry of Government and Consumer Services. Once again proving that your organization’s biggest threat vector is your people. Well, the damage has been tallied and it’s not good. The breach resulted in the names and phone numbers of about 360,000 people being leaked. CBC has details:

Beginning Friday, some 360,000 people will receive notices that their personal information was part of the November 2021 data breach of the COVAXX system, the Ministry of Public and Business Service Delivery said in a statement Friday. 

The ministry said it had been working with the Ministry of Health, police and the Ontario’s privacy commissioner to determine the scale and impact of the breach. The ministry’s statement does not say how it occurred.

I for one would be very interested in what lessons the Ontario government learned so that this doesn’t happen again. Because 360,000 is not a small number of people to be affected by something like this. And I think that all Ontario citizens would be very interested in this information as well. People have to have trust that their information is going to be protected. And given the scale of this breach, I would be wondering if the Ontario government has the right people, tools, and controls in place to stop this from happening again.

Leave a Reply

%d bloggers like this: