The Saskatchewan Liquor and Gaming Authority (SLGA) has released more information regarding the cyber attack that they were victims of in late 2021.
SLGA’s cybersecurity experts found that the criminals who attacked their IT systems accessed some data associated with SLGA employees, including information collected by employers such as names, banking information and social insurance numbers.
Since then, the SLGA has advised both current and former employees that their personal information may have been accessed and suggested steps employees could take to help ensure the security of their personal information.
The SLGA also found that some personal information relating to the crown corporations’ clients may also have been accessed. These include individuals who have provided detailed personal information to obtain commercial liquor permits, cannabis permits or registrations, gaming registrations or horse racing licenses.
The SLGA said that they will indirectly notify the clients as well as directly notify clients who provided SLGA with sensitive personal information within the past five years.
That information may include place and date of birth, driver’s licence, height, weight, eye colour, employment history, criminal record history and financial disclosures.
Cyber experts also found evidence that some of this information was disclosed on the dark web.
SLGA has also engaged third-party experts to conduct an audit of SLGA’s cyber security systems, policies, and procedures as well as policies related to document protection and retention.
The investigation related to this cyber event is ongoing.