BANFF – The Town of Banff’s ongoing investigation into a cybersecurity breach in March has confirmed the type of residents’ personal information accessed or taken during the hacking of the municipality’s computer systems.
Town of Banff officials say the personal information that may have been accessed relates to current and former Town of Banff employees, current and former Banff residents and property owners, business owners, participants in municipal programs, applicants for employment with the Town, applicants and holders of municipal permits and licences, and individuals from out of town who have interacted with the Town through service requests or parking infractions, but not parking payment.
They say the types of personal information the Town collects about these individuals varies, but includes information such as names, email addresses, physical addresses, phone numbers and in some cases employment information, financial information, vehicle details, signatures, immigration status information, mortgage information, dependent information, drivers’ licences, passport numbers, birth dates, marital status information, credit card information, and social insurance numbers.
“We have more definitive proof that the unauthorized third party who illegally accessed our web systems, or our servers, was able to access a lot of information that did involve personal information,” said Jason Darrah, the director of communications for the Town of Banff.
“They (the cybersecurity experts) were able to determine that about 130 gigabytes of data may have been accessed, and so to put that into context, we manage about a terabyte of information so this is a portion of that – it’s a large portion.”
Darrah said the Town of Banff was never locked out of or prevented from accessing any of its systems or data.
He said there has been no evidence found so far of misuse of any data stored by the Town.
“The cybersecurity team believes that the personal information is not at risk,” he said.
The Town of Banff still isn’t saying whether anyone has threatened to sell or release data that was accessed as part of any ransom demand.
“I am sorry I can’t provide an answer to that specific question at this time because of the ongoing nature of the investigation,” Darrah said.
On March 19, the Town of Banff detected it was subject to a cybersecurity incident perpetrated by an unauthorized third party, which affected the municipality’s computer systems.
The Town of Banff was quick to hire a team of cybersecurity experts, inform the RCMP and contact the Office of the Information and Privacy Commissioner of Alberta about the incident.
The municipality’s security experts also continue to monitor for suspicious activity.
“We take protection of personal information as a top priority, only below the safety and security of individuals in our community,” said Darrah,
“This was a very concerning activity, but we are doing our best to ensure that all data is secure and have taken extraordinary steps to protect the data and personal information.”
The Town of Banff disconnected web-based systems after unauthorized access to its systems was first detected.
Public access was not restored to some web-based applications as a measure to secure its network. This affected a host of online systems such as action requests, business licensing, tender opportunities, pay parking systems, and traffic cameras among others.
However, as of April 15, most computer systems and web applications that residents use to interact with the Town of Banff were fully available and more than 80 per cent of all internal systems used by employees were operational.
“Pretty much everything that was affected has been brought back,” said Darrah.
Residents are encouraged to take basic steps to protect their information, such as monitoring accounts for suspicious activity, updating passwords, using tools available from banking institutions to monitor account activity and updating personal security software and operating systems regularly to ensure these systems are up to date.
Any inquiries about this matter can be directed to [email protected] or by calling 403-762-1200 between the hours of 8:30 a.m. and noon, or between 1 p.m.. and 4:30 p.m.
“We’re trying to be as transparent as possible,” said Darrah.
“We’re taking extra steps to inform our community about the unauthorized access so that people can take additional measures and that includes being really vigilant about your own passwords and things like that.”
