The Ontario government says residents should still be confident in the province’s vaccine booking portal, even though the government failed to disclose a suspected security breach that resulted in a police investigation and charges against a government employee.
As reported by CTV News, the Ontario Provincial Police (OPP) cyber crimes unit was “immediately engaged” and quickly started an investigation after learning about the breach on November 17th. The government asked the OPP to investigate after it received reports that residents received spam text messages from people who had scheduled appointments are accessed their vaccine certificates through the provincial vaccine portal.
The spam messages were “financial in nature,” according to Ontario’s Solicitor General, who also said the investigation confirmed that no personal health information was accessed and that the COVID-19 vaccine booking system “remains secure.”
CTV News reports that multiple residents received text messages with either their full names or their children’s full names, all with slightly differing requests.
Investigators executed two search warrants on November 22nd, one in Ottawa and the other in Quebec, related to the security breach. 21-year-old Gloucester resident Ayoub Sayid — who police say was an employee of the Ontario Ministry of Government and Consumer Services in the vaccine contact centre — and 22-year-old Rahim Abdu from Vaudreuil-Dorio, Quebec, were taken into custody and charged with Unauthorized Use of a Computer contrary to s. 342.1(1)(c) of the Criminal Code. The charges have not been proven in court.
Despite the arrests, the Official Opposition has criticized Premier Doug Ford’s government for failing to notify the public. Instead, concerned residents shared reports about the breach on social media, and the Ford government only confirmed it after inquiries from the media.
“The government knew this was happening and they chose to keep it under wraps,” said NDP leader Andrea Horwath.
Source: CTV News