BC Freedom of Information and Privacy Association
Your Data Your Rights
As many as 4,000 current and former Oxford County employees may have had their personal information compromised in a recent cybersecurity incident, the local government’s warden says.
Echoing an apologetic statement from Oxford County, Warden Marcus Ryan said he was sorry the incident happened, adding the county was “doing every single thing” it could to “minimize risk and impact” to anyone affected.
“People trust us with their information, and I’m sorry that this has happened and (hackers) may have got access to their information,” Ryan said on Thursday.
“Unfortunately, this is the world we live in now where our information is precious and literally worth money to other people, and they will go to trouble to try and take it from us.”
Oxford County’s statement said past employees would be contacted through a mailed letter to their last known address “to be advised of precautionary measures and support” the county is able to offer. The county said it was still investigating whether and to what extent the personal information of other groups may have also been compromised, noting it would carry out notifications as quickly as possible.
The county’s statement on Wednesday noting personal information may have been compromised comes after Ryan’s initial statement on Sept. 15 that Oxford County had experienced a “technical incident.”
Ryan was cautious of what information regarding the cyberattack would be disclosed publicly because the investigation was continuing but said Oxford County was taking measures to prevent future breaches.
“This is still an ongoing issue, and frankly, will be for months,” Ryan said. “I won’t get into the details, the specifics of what precautions we’re taking or have taken, because it has the potential to undermine their effectiveness.”
The ultimate goal is to protect as much information as possible, whether it be the county’s, staff’s or residents’ information, Ryan said.
In an earlier statement, Ryan said all of the county’s systems are operating normally and there were no changes to the services provided to the public.
In a 2023, Brent Arnold of at Gowling WLG, which specializes in cybersecurity and commercial litigation, told The Free Press the MUSH sector – municipalities, universities, school boards and hospitals – often is an attractive target for hackers.
“For one, they don’t have tons of money to spend on cybersecurity. So, sometimes, they’re tempting targets because hackers know they’re not as well protected as, say, a bank,” Arnold said. “Sometimes, it’s opportunistic.”
Cyberattacks have also hit other Southwestern Ontario governments in recent years, including Elgin County, the Town of St. Marys, Woodstock and Stratford.
A “cyber incident” at the London Public Library in 2023 disrupted its phone lines, website and computer network.
One of the largest cyberattacks in the region in recent memory compromised data of roughly 270,000 patients at hospitals in Sarnia, Chatham-Kent and Windsor.
The Local Journalism Initiative (LJI) is a federally funded program to add coverage in under-covered areas or on under-covered issues. This content is created and submitted by participating publishers and is not edited. Access can also be gained by registering and logging in at: https://lji-ijl.ca
You can support trusted and verified news content like this.
FIPA’s news monitor subscribers, donors and funders help make these available to everyone rather than behind a paywall. We appreciate every contribution because it makes a difference.
If you found this article interesting and useful, please consider contributing here.
