WSP Global Inc.

WSP Global Inc., also known as WSP, is an engineering firm headquartered in Canada. The organization operates through a network of subsidiaries to deliver its services. On June 1, 2022, one of these subsidiaries experienced a security incident involving unauthorized data access. The breach was part of the Cl0p ransomware group's exploitation of vulnerabilities in the MOVEit secure file transfer platform. Attackers exfiltrated data from the subsidiary's systems, resulting in the theft of a limited volume of non-sensitive corporate information. According to company statements, the compromised data included institutional records but excluded private individual details. WSP confirmed that no personal or confidential data was compromised as a result of the incident. The organization's internal systems remained unaffected by the attack, indicating the breach was confined to the subsidiary's environment. This event occurred alongside numerous other global victims impacted through third-party service providers using the vulnerable MOVEit platform. The widespread nature of the MOVEit exploitation affected many organizations worldwide, with WSP being one among those compromised via a subsidiary's use of the service.

The company's public assessment emphasized the limited scope of data theft and the absence of sensitive personal information. WSP clarified that while institutional records were accessed, private individual details were not included in the exfiltrated data. The breach did not result in the compromise of personal or confidential data, according to the organization's own investigation. The incident was contained to the affected subsidiary, with WSP's primary systems continuing to operate without disruption. This outcome was attributed to the specific nature of the data stored within the subsidiary's systems. The event represents a case within the broader context of supply chain attacks targeting common software vulnerabilities. WSP's response focused on transparency about the data types involved and the containment of the incident to a subsidiary. The organization's internal infrastructure remained secure throughout the breach period. The incident underscores the potential for third-party software vulnerabilities to impact corporate data even when internal controls are effective.