Canada Border Services Agency | Agence des services frontaliers du Canada

Canada Border Services Agency suffered a data breach incident after a contractor led to the unauthorised access of up to 1.38 million licence plates and related information. 

The investigation found that the contract lacked clauses with respect to security safeguards, including for the protection and retention of personal information.

Bad actors were able to break into the third-party contractors’ systems through an unpatched and decommissioned server, where they were able to access, copy, and remove files from the network, before posting some of the data on the dark web.

The breach exposed around 9,000 licence plate photos of travellers crossing into Canada from the border crossing in Cornwall, Ontario.

Source: https://ca.topclassactions.com/lawsuit-settlements/data-breach/border-agency-data-breach-exposes-1-38m-licence-plates/

"id": "CAN206221122",
"linkid": "cbsa-asfc",
"type": "Breach",
"date": "10/2022",
"severity": "80",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"