Cyber Incident Victim: Ministry of Labor, Employment and Social Solidarity

On July 3, 2015, the Anonymous hacktivist group breached multiple Canadian government servers, including those of the Ministry of Labor, Employment and Social Solidarity (MTESS), the Québec Parental Insurance Plan Centre, and the National Review Commission on employment insurance. The attackers exploited vulnerabilities in these systems to access and exfiltrate databases containing personal information of employees and users. Leaked data published on Pastebin included first names, last names, thousands of email addresses, and corresponding clear-text passwords. Security analysis confirmed the legitimacy of the leaked datasets, which had not previously been exposed online. This incident revealed systemic security failures, particularly the storage of sensitive credentials in unencrypted plain-text formats by government administrators.

The attack formed part of a sustained campaign against Canadian government entities following the parliamentary approval of Bill C-51, an anti-terrorism law granting expanded surveillance powers to the Canadian Security Intelligence Service (CSIS). Anonymous explicitly cited retaliation against this legislation as their motivation. Prior incidents included the June 23 defacement of the Montreal Police Union website with an anti-C-51 video message, the June 24 breach of the Police Association of Ontario (exposing 1,300 employee/user records), and repeated July 1 disruptions of CSIS's official website. The cumulative impact involved unauthorized access to multiple government systems, persistent website disruptions, and the exposure of sensitive personal data across multiple agencies. No official containment measures or incident response actions by the affected entities were detailed in available reporting.