Personal information of about 750,000 Canadian investors has been impacted by a “sophisticated phishing attack,” according to the Canadian Investment Regulatory Organization, in an update on the fallout from a major breach disclosed in August.
Information that might have been exposed includes dates of birth, phone numbers, income, social insurance numbers, government ID numbers, investment account numbers and account statements, CIRO said in a statement Wednesday, after thousands of hours of investigation into the incident with external experts.
CIRO started notifying affected investors on Wednesday and will offer them two years of credit monitoring and identity theft protection with major credit agencies. The watchdog said there’s no evidence yet that the information has been misused, but it is continuing to monitor threat activity and dark web exposure.
CIRO announced in August that a preliminary investigation had revealed that registration information for member firms and registered individuals had been affected. The watchdog’s update on Wednesday provided further details on the full extent of the incident.
The ferry, operated by MSC’s Grandi Navi Veloci unit, was immobilized Saturday in the southern French port of Sète as it prepared to sail to Algeria, the people said. The vessel was held to allow French authorities to confirm that operational systems had not been compromised. It eventually departed Sunday morning.
A spokesperson for the Grandi Navi Veloci unit told Bloomberg the company detected and neutralized an intrusion attempt on one of its ferries. The inquiry involving French and Italian officials remains ongoing.
Authorities are examining whether the attempted intrusion is linked to Russia’s military intelligence agency, the GRU, according to people familiar with the investigation. While no public attribution has been made, that assessment is based on forensic analysis and overlaps in tools, techniques and procedures with activity described in public reporting by US agencies, including the FBI and the US’ Cybersecurity and Infrastructure Security Agency, the people said. They spoke on condition of anonymity to describe an ongoing inquiry.
The episode has heightened concern among security officials about the cybersecurity risks facing maritime transport, especially physical attempts by adversaries to access ships’ onboard networks for tampering and conducting long-term surveillance. MSC controls the world’s largest container fleet and plays a key role in global trade linking Europe, Asia and the US.
Such breaches pose a global security risk because maritime transport carries the vast majority of world trade. Hacks can ripple across supply chains, threaten critical infrastructure and expose sensitive military and commercial movements worldwide.