Cybersecurity Agency Investigates House of Commons Breach Amid Surge in Threats
Canada's cybersecurity agency, CSE, is aiding an investigation into a recent cyber incident. This comes amidst a surge in threats targeting critical infrastructure, including attacks on WestJet, Nova Scotia Power, and Air Canada. Notably, a Microsoft vulnerability was exploited to breach the House of Commons, exposing employee data.
The House of Commons breach is believed to be linked to a recently discovered Microsoft SharePoint zero-day, tracked as CVE-2025-53770. Exposed information includes names, job titles, office locations, email addresses, and device details of employees. This incident follows a pattern of increasing cyber threats from both criminals and state actors, with a sharp rise in incidents over the past two years.
Canada faces a significant threat from China-linked cyber actors, deemed the most sophisticated and active. They have been linked to breaches of at least 20 federal networks in the past four years. However, the identity and attribution of the threat actor behind the House of Commons breach remain unknown.
The CSE's involvement signals the seriousness of the House of Commons breach. As cyber threats continue to grow, Canada must remain vigilant and proactive in its cybersecurity measures to protect critical infrastructure and sensitive information.
