Canada’s House of Commons is investigating a cyber incident following a mid-August data breach. The attack exploited a Microsoft vulnerability to gain access to a database holding sensitive employee details. Stolen data included names, email addresses, job titles, office locations, and device information used by staff to manage computers and mobile devices.
The breach was detected late last week, with staff notified shortly after. Authorities confirmed that Canada’s cybersecurity agencies are involved in the ongoing investigation. Officials have emphasized that attributing responsibility will take time, given the complexity of the attack.
Likely Exploitation of SharePoint Vulnerability
Security analysts believe the breach is linked to the critical SharePoint flaw tracked as CVE-2025-53770, also known as “ToolShell.” This vulnerability allows remote code execution and has recently been exploited by multiple threat actors. Experts had previously warned organizations to apply security patches promptly, as unpatched systems present a significant risk of compromise.
Ongoing Risks and Precautions
The leaked employee data raises the risk of phishing and impersonation attacks. Staff and officials were urged to stay vigilant, verify all requests, and report suspicious activity immediately. Cybersecurity experts recommend organizations strengthen internal reporting systems and continue staff training to minimize the chances of successful social engineering attempts.
