Elgin admits personal information stolen in computer breach

Elgin County, in a statement issued on Friday, May 13, revealed that some personal information involving residents was “accessed and exfiltrated”—and that means stolen—from county computer systems during a recent “cybersecurity incident.”

The county’s online website, form processing and email were shut down April 1, and weren’t restored until April 27.

County Administrator Julie Gonyou said, “On discovering the situation, the County of Elgin immediately activated its IT (information technologies) security protocols to contain the threat, shut down access to its systems, reported the incident to relevant authorities including law enforcement and the Information and Privacy Commissioner of Ontario, and retained external legal counsel as well as cybersecurity forensic experts to conduct a comprehensive investigation and to strengthen its systems.

“The County of Elgin was recently able to confirm that some personal information had been accessed and exfiltrated. At this time, there is no evidence to suggest that personal information was used to commit fraud or identity theft as a result of this incident.”

Ms. Gonyou stated, “Based on the investigation to date and the proactive efforts undertaken to manage the situation, the County of Elgin is confident that the incident has now been successfully contained and remediation processes are well underway.

“For individuals impacted by a breach of sensitive personal information, credit monitoring and identity theft protection will be provided. As of today, May 13, 2022, the County of Elgin sent letters by Canada Post to impacted individuals.”

More in the May 18 edition of The Aylmer Express.