Tech Analysts Say Elgin Data Breach May Prove “Devastating” for Those Vulnerable to Identity Fraud

Technology experts raise questions about the lack of transparency of the municipality in dealing with the cases of theft of personal data in Elgin County which might prove to be devastating for the victims. 

A cyber-security incident in Elgin County has raised concerns about the lack of municipality in dealing with the situation of data breaches which may prove to be “devastating” for those affected, as said by the technology analysts. 

Information about 330 individuals, constituting 33 cases of highly sensitive data was knocked on the website and email system of Elgin’s County for almost a month states a County official. Moreover, personal and employment information of the workers of the County was dumped into the “dark web”, a digital domain accessed only through special browsers allowing users to anonymously share information. 

Julie Gonyou, Elgin’s chief administrative officer expressed that the information included details about the performance appraisal putting the reputations of multiple affected employees at risk. 

“This incident can be devasting in various ways, damaging the financial, reputational and emotional aspects. Since it may contain health records, job appraisals all is at a threat of going public” warned Michael Katchabaw, a teacher of computer science at Western University.

Ann Cavoukian, executive director of Global Privacy and Security By Design Centre showed resentment towards the municipality while delivering “very little transparency” of waiting for a month in disclosing the case. In addition to this, she agreed that this breach could lead to identity theft while causing a serious impact on the lives of people. 

Carmi Levy, a technology analyst in London, makes it evident by saying “The municipal delayed in addressing the issue while having knowledge about the incident from April 1st and setting the network offline till April 27th”.

The officials of the County were notified on May 3, while a release was released on Friday notifying the public about the cyber-security incident. The issue is still being examined by the investigators. No significant details are provided yet Gonyou asserted that it was not linked to ransomware. 

Elgin is offering one year of credit security and identity fraud services for the victims. Any suspicious activity needs to be reported as per the recommendation of the police on the official website of the Canadian Anti-Fraud Centre.

Suggested Read: Identity Theft Pushed to New Records with Buy-Now-Pay-Later Boom in Australia