Canada’s COVAXX system suffered a data breach attack

December 15, 2022
Ontario Canada North America COVAXX Data Breach Cyberattack Fraud Prevention Spam

The COVAXX system in Ontario, Canada, has been impacted by a data breach attack which affected thousands of individuals. According to the Canadian province’s spokesperson, the breach in their system was still a part of the attack against their vaccine management last year.

Based on reports, the company will disseminate notices to more than 360,000 affected individuals next week. The notifications will include a warning for the recipient’s exposed personal information.

Ontario’s Ministry of Public and Business Service Delivery explained that the recent data breach on the COVAXX system was still caused by a cybercriminal campaign in the early weeks of November last year.

Additionally, the ministry stated that they had been coopering with law enforcement agencies, the Ministry of Health, and Ontario’s privacy commissioner to identify the scope and impact of the data breach attack. However, the ministry did not include in his statement how the data breach occurred against their system.

 

Two individuals were apprehended after conspiring with the attack, which caused the data breach incident on Ontario’s COVAXX system this year.

 

One of the apprehended individuals who orchestrated the breach of the Canadian province’s COVAXX system is a 21-year-old person who lives in Ottawa. The suspect was a former vaccine centre staff member of the Ontario Ministry of Government and Consumer Services.

The other accused person is a 22-year-old man from Vaudreuil-Dorion. Both apprehended individuals have been charged with unauthorised use of a computer.

Authorities explained that at the time of the data breach incident, the provincial government had gotten reports of spam texts from people who had accessed their vaccine certificates or scheduled their vaccine appointments via the local booking system.

Furthermore, the malicious spam text message requested recipients to provide personal information. Fortunately, the ministry elaborated that in more than 95% of the cases, the data breach affected only names and phone numbers.

The vaccine booking system is constantly monitored and tested by its admins through the Ministry of Health’s cybersecurity protocols. Lastly, users are assured that the COVAXX system remains a secure tool everyone can access for vaccination-related transactions.

About the author

Leave a Reply