SLGA employee and customer information compromised in 2021 cyberattack

Hackers accessed sensitive information about Saskatchewan Liquor and Gaming Authority (SLGA) employees and customers in a cyber attack in 2021, according to the Saskatchewan government.

According to the government, cybersecurity experts discovered that the attackers had accessed “data associated with SLGA employees, including information typically collected by employers such as names, banking information and social insurance numbers. “.

After consulting the Office of the Privacy Commissioner, the SLGA has informed its current and former employees of the potential threat, the government announced on Tuesday. SLGA also suggested steps employees could take to ensure their information is secure and offered them a credit monitoring service for two years.

The attackers may also have accessed personal information belonging to SLGA’s regulatory customers, the government noted. These customers provided detailed personal information in order to obtain licenses such as alcohol or cannabis permits.

“SLGA is now directly notifying customers who have provided SLGA with sensitive personal information within the past five years,” the government said in a statement.

“This information may include place and date of birth, driver’s license, height, weight, eye color, employment history, criminal history and financial information gathered as part of the grant process. license/permit.”

According to the government, their cybersecurity experts discovered that some of the information had already been shared on the “dark web”, websites that require specific software or permission to access.

SLGA customers received the same credit monitoring offers and suggested steps to improve their data security.

The state-owned company has hired an outside firm to audit its cybersecurity systems and policies to ensure no other data is compromised. Meanwhile, the investigation into the 2021 attack continues.