The federal privacy watchdog says a data breach at a contractor for Canada’s border agency involved as many as 1.38 million licence plate images and associated information.
In a report detailing its investigation, the privacy commissioner’s office cites inconsistencies in the way the Canada Border Services Agency managed licence plate information and a lack of security measures.
It highlights the absence of adequate contractual clauses to ensure the border agency’s private-sector partner was properly protecting the information.
The report, though completed in May, was tabled Thursday in Parliament as part of privacy commissioner Philippe Dufresne’s annual report.
The watchdog initiated a complaint and began its probe following 2019 media reports of a cyberattack on a U.S.-based third-party contractor used by both the Canadian border agency and its American counterpart….