Revenu Quebec announced today that its employees were the victim of personal data leaks. According to the organisation, an employee collected the information of over 23,000 current and former employees.
The vast majority of data collected included the first and last name of employees, as well their social insurance numbers. So far, Revenu Québec has found no evidence that this information was used for "malicious purposes."
Revenu Québec wants to reassure non-employee citizens that their personal data was in no way compromised.
According to Revenu Québec, an internal investigation was conducted which revealed that an employee, who has since been fired, compromised the data of 23, 000 current and former employees.
According to a press release, the former employee "transferred the data of 23,000 individuals from the organization's current and former employees, as well as employees from different service providers, outside of the organization's workplace."
We reached out to Revenu Québec to ask why the internal investigation was conducted, but they cannot comment on the ongoing investigation.
The organisation found out about the data breach on July 25, and immediately contacted Sécurité Québec. Revenu Québec stated that they were unable to tell employees until earlier today, as they did not want to compromise the investigation.
In the "vast majority" of cases, first names, last names and SIN were taken by the former employee. In some cases, birth dates and salaries were also breached.
As of now, it does not appear that this information hasbeen sold to a third party.
Revenu Québec seeks to reassure citizens who may be worried about their own personal data.
Geneviève Laurier, spokesperson for Hydro-Quebec, had this to say when asked about what is being done to prevent this situation from happening with citizens' information:
"We are constantly working to improve and improve our control processes and we place the utmost importance on protecting the personal and tax information of citizens and our employees."