• Thanks for stopping by. Logging in to a registered account will remove all generic ads. Please reach out with any questions or concerns.

BGRS Hacked

Ludoc

Member
Reaction score
64
Points
430
It looks like the reason the BGRS website has been down is it was hacked.

https://www.cbc.ca/news/politics/military-relocation-hacked-bgrs-1.7003766

The government confirms a data spill of personal info:
[GoC] confirmed that unauthorized access was obtained to Government of Canada (GC) personnel information held by BGRS and as such we are providing notification of this incident

It also told members to monitor "their financial and personal online accounts for any unusual activity."
 
It looks like the reason the BGRS website has been down is it was hacked.

https://www.cbc.ca/news/politics/military-relocation-hacked-bgrs-1.7003766

The government confirms a data spill of personal info:

Hold Fire Sale GIF
 
At this point I’d rather get the cash cost of my next move, be it posting or final retirement, and let me manage myself under the relocation policy.
 
Because of course there's a Bruce Schneier quote. Discussing a different issue, but highly applicable here:

"If researchers don’t go public, things don’t get fixed," said Bruce Schneier, a security expert who has written several books on the subject. "Companies don't see it as a security problem; they see it as a PR problem. And if there's no PR problem, it'll never be a priority.”

 
Good news! According to Forbes magazine earlier this year, Sirva was one of the most cybersecure companies in America!


 
Companies should never pay. Have their backups, scrub the systems and restore. If everyone said screw you then this crap would stop.
 
Backups cost money. Probably less than $15M but they took a risk and now get to live with the results.
 
Frankly if it were merely a "we encrypted your data" hack it would be borderline tolerable. The exfiltration of 1.5 TB of data before the encryption is where everyone in the SIRVA ITSEC organization failed.
 
Weird I don't recall seeing any emails about this on DWAN. I do see one about Cyber Security Awareness week...
 
Emails hit last Friday just after 4 p.m. over DWAN and D365. Also, there have been many attempts at a thread start on /r/CanadianForces to be quashed by that mod team (not sure what motivation there is, people are very concerned), and I think this caused /r/CAF rogue sub to take off a bit (membership increased 5x this week, only still a few hundred). The screenshot of the /r/CAF post sums it up, one update on that is the data is now linked out as six *.tgz files on LockBit's TOR site (last update flag they have is 05:15 UTC 26 October 2023, so it went public minutes ago).
 

Attachments

  • image_2023-10-26_012645839.png
    image_2023-10-26_012645839.png
    41.7 KB · Views: 15
Emails hit last Friday just after 4 p.m. over DWAN and D365. Also, there have been many attempts at a thread start on /r/CanadianForces to be quashed by that mod team (not sure what motivation there is, people are very concerned), and I think this caused /r/CAF rogue sub to take off a bit (membership increased 5x this week, only still a few hundred). The screenshot of the /r/CAF post sums it up, one update on that is the data is now linked out as six *.tgz files on LockBit's TOR site (last update flag they have is 05:15 UTC 26 October 2023, so it went public minutes ago).
The r/CanadianForces sub has quashed many threads on various topics for reasons. It’s ironic since a lot of those people got there due to complaints that this site was being toxic.

But yes, r/CAF is a bit of a reaction to the other sub. I pretty much only go to r/CanadianForces for the SCS now, which I still find hilarious.
 
TBS dropped a message yesterday.


"...preliminary information indicates that breached information could belong to anyone who has used relocation services as early as 1999 and may include any personal and financial information that employees provided to the companies."
 
Back
Top