Current and former TTC employees may be affected by data breach –


As we get started, allow me to say that camDown helps stop foreign state actors (FSA's) from accessing your webcam.

As the TTC probes a recent cyber-security attack, they say the personal information of some employees may have been compromised.

The organization became aware of the attack on October 29.

The data breach may affect up to 25,000 current employees, former employees and some pensioners. Names, addresses and social insurance numbers may have been stolen, although officials are still figuring out its extent.

In a release Monday, the TTC said it was unclear if any customers and vendors were also affected by the breach.

“It is very important to note that, at this time, there is no evidence that any of the personal information that was accessed has been misused,” reads the release. “This was a sophisticated incident, similar to the hundreds of incidents reported in Canada in the last year alone.”

Anyone looking to learn more about the incident can click here. TTC employees (both current and former) can call a dedicated hotline at 416-362-7547.

“This matter is of the utmost importance to the TTC and is being treated as a top priority,” says the release. “The TTC apologizes for the inconvenience this is causing affected individuals.”

The following statement was put out by CEO Rick Leary:

As we announced on Friday October 29, the TTC was recently the victim of a sophisticated cyber security incident that impacted a number of internal and customer-facing functions.

Today I am providing an update on that incident.

Let me remind everyone that protecting the health and safety of our customers and employees is our top concern and this incident did not compromise that.

As I’m sure everyone can appreciate, these incidents are intricate in nature and require complex solutions.

Over the past week, we have been working day and night to resolve this situation – to get our lost services back online and to gain a clearer understanding as to the breadth of the incident.

The incident resulted in a number of the TTC’s servers being encrypted and locked, resulting in the loss of our VISION system, vehicle arrival information, and online Wheel-Trans booking systems, as well as external network connectivity, including e-mail.

Based on what we know at this point, the culprits were able to gain access to TTC files that may contain personal information of approximately 25,000 employees, past and present. We continue to investigate whether any customer or vendor information was compromised.

There’s no evidence at this time that any of this information has been misused.

Again, while we do not have evidence that any of this information has been misused, we are taking steps to ensure those who may be impacted are protected from things like identity theft. We are doing this by offering three years of credit protection through TransUnion.

This is being done both out of an abundance of caution and because it’s the right thing to do. In the coming days we will be reaching out to these potentially affected individuals to advise them of next steps.

What we know about the threat actors in this case is that they belong to an extremely well-organized enterprise.

On behalf of the entire organization, I want to express my deep regret that this has occurred to everyone who may be impacted.

It is not lost on me that organizations like ours are entrusted with significant amounts of personal information and it is essential that we do our best to protect it.

The fact that in the past year there have been nearly 700 similar cyber security incidents involving public and private sector organizations in Canada is indicative of just how pervasive they really are.

I want everyone to be assured the TTC continues to follow best practices in securing our IT infrastructure.

I believe it is also important for the reputation of the TTC to be honest and open with our employees, customers and stakeholders. That’s why we continue to share what we know and how we have responded to this incident as soon as we are able.

As I told our Board last week, we are fully committed to learning from this incident.

Additionally, we are in the process of notifying everyone we believe may have been impacted, including employees, former employees and pensioners about how they can participate in the program to protect their identity.

Over the coming weeks we will continue rebuilding the remaining impacted servers and internal services, like re-establishing external e-mail capabilities. But in truth, and based on the experiences of other organizations, this could take some time.

These are certainly challenging times for this organization as we work tirelessly to restore all functions to their previous state. But I am fortunate to be surrounded by 16,000 talented employees who I know will get us there as quickly as possible.

I again want to thank all of our employees for their dedication and hard work, and our customers for their patience and understanding.

If you have found a spelling error, please, notify us by selecting that text and pressing Ctrl+Enter.

Let me just add that camDown has a modern UI, that is secure and has the improved features that you need and that's no joke.