Canada’s House of Commons probes cyberattack data breach
▼ Summary
– The House of Commons of Canada is investigating a data breach after a cyberattack stole employee information, including names, job titles, and email addresses.
– The attacker exploited a recent Microsoft vulnerability to access a database managing House of Commons computers and mobile devices.
– Employees were warned about potential fraud attempts using the stolen data, which could target or impersonate parliamentarians.
– The Canadian Centre for Cyber Security is assisting the investigation but has not attributed the attack to a specific threat group.
– Two Microsoft vulnerabilities (CVE-2025-53770 and CVE-2025-53786) are under active exploitation, with one linked to breaches of high-profile targets globally.
Canada’s House of Commons is scrambling to contain the fallout from a significant cyberattack that compromised sensitive employee data, raising alarms about potential identity theft and phishing risks targeting government officials.
Reports indicate hackers infiltrated parliamentary systems last Friday by exploiting a known Microsoft vulnerability, accessing a database containing confidential details about House of Commons staff. The stolen information includes employee names, job titles, office locations, and email addresses, data that could be weaponized for impersonation or fraud. While officials have not publicly confirmed the breach’s scope, internal emails obtained by CBC News warned employees to remain vigilant against suspicious communications.
The Canadian Centre for Cyber Security (Cyber Centre) confirmed its involvement in the investigation but stopped short of attributing the attack to a specific threat actor. “Attributing cyber incidents requires extensive resources and time,” a spokesperson noted, emphasizing the complexity of tracing digital intrusions. The House of Commons has yet to comment on whether the breach affected elected officials or operational systems.
Microsoft vulnerabilities under scrutiny Though authorities haven’t disclosed the exact flaw exploited, cybersecurity experts suspect the breach may be tied to two recently patched Microsoft vulnerabilities: CVE-2025-53770 (affecting SharePoint Server) and CVE-2025-53786 (targeting Exchange Server). The SharePoint bug, actively exploited since July, has been linked to state-sponsored Chinese hackers and ransomware groups targeting global entities, including U.S. federal agencies and European governments. Meanwhile, the Exchange vulnerability, flagged as critical by CISA, enables attackers to pivot across cloud and on-premises networks, risking total domain compromise.
Alarmingly, over 29,000 unpatched Exchange servers remain exposed worldwide, with hundreds located in Canada, according to cybersecurity firm Shadowserver. The Cyber Centre had previously urged Canadian organizations to patch these flaws immediately, underscoring their widespread abuse by malicious actors.
As the investigation unfolds, parliamentary staff have been advised to monitor for phishing attempts and report suspicious activity. The incident highlights growing concerns about government cybersecurity preparedness, particularly as threat actors increasingly target public sector networks with sophisticated attacks.
Updated August 14 to include additional details from the Cyber Centre.
(Source: Bleeping Computer)
