The Canadian Press is reporting that the Office of the Privacy Commissioner will be investigating the huge privacy breach within Human Resources and Skills Development Canada that resulted in the loss of personal information of about 5,000 Canadians.
Very few details have emerged about this breach other than the fact that a USB device was lost that contained names, social insurance numbers, and disability/health information about the affected individuals. Surely HRSDC must know some important details, such as what HRSDC program was the information connected to, was the USB device used to move the data between HRSDC sites or for an employee to take work home? This is the sort of basic information that the victims need to know in order to gauge whether they're at risk of fraud or identity theft.
Hopefully, the investigation will be swift since there are 5,000 people waiting to find out.
From the Canadian Press:
Privacy czar to probe department's loss of USB key containing personal info
OTTAWA - The privacy watchdog will investigate a federal data breach in which the personal information of thousands of Canadians went astray.
The office of privacy commissioner Jennifer Stoddart says it received formal complaints after a Human Resources and Skills Development Canada employee lost a USB key containing the personal information — including social insurance numbers — of about 5,000 Canadians.
Anne-Marie Hayden, a spokeswoman for Stoddart, says the privacy commissioner has also taken close to 200 calls from people expressing concern about the breach.
Human Resources says an extensive search for the key continues.
The department has no evidence that information on the missing key has been used for fraudulent purposes.
A spokeswoman for Human Resources Minister Diane Finley calls the loss of the key a serious and completely unacceptable incident.