According to press information released on 23 February by Charney Lawyers, a law firm in Toronto, Canada, a national class action has been commenced against the federal government, BGRS Limited and SIRVA (Federal Court file no. T-314-24-ID 1) on behalf of all current and former RCMP (Royal Canadian Mounted Police) members, members of the Canadian Armed Forces and other individuals working for the federal government whose personal information has been compromised in a major cyberbreach.
The claim alleges that cybercriminals accessed and stole 1.5 terabytes of information from the servers of BGRS and SIRVA. The stolen data included personal information such as names, contact information (address), passport details and financial information for individuals who used BGRS and SIRVA relocation services at any point between 1999 and the hack in 2023. The claim alleges that cybercriminals have made this data available on the dark web.
The claim further alleges that the stolen information is highly sensitive and in the wrong hands it can be used to commit identity fraud and should have been deleted and destroyed from the servers of BGRS and SIRVA after class members relocated. Instead, it was wrongfully retained for years afterwards, contrary to PIPEDA (The Personal Information Protection and Electronic Documents Act), exposing class members to the hack.