N.S. government confident 600 missing files from data breach destroyed
Investigation by Atlantic School of Theology suggests 600 downloaded files, computer destroyed
More than 600 files downloaded as part of the largest information breach ever in Nova Scotia appear to have been destroyed without having been shared.
That's the conclusion reached by a senior government official after receiving word about an internal investigation by the Atlantic School of Theology, the location where the information was downloaded using the institution's public WiFi network.
"AST has indicated to us that there is a very high probability that the 600 files downloaded there have been contained, and they confirmed that there were no files found on their equipment that were private in nature," Jeff Conrad, the deputy minister of internal services, told a legislature committee Wednesday.
"AST also advised us that their investigation has concluded that the laptop used to access the 600 files, and the information that was on that laptop, has been destroyed."
Conrad and two senior department officials spent more than 90 minutes answering questions from members of the Public Accounts Committee, which has been looking into the breach and the government's response to it.
Reports by Nova Scotia's Information and Privacy Commissioner and the Office of the Auditor General issued two months ago raised serious questions about the way government officials designed and launched a web portal without adequate security.
That resulted in what the auditor general described as the inappropriate downloading of files that included child custody documents, medical information and proprietary business material.
Catherine Tully, the privacy commissioner, also expressed concern that the breach had yet to be fully contained given the fate of 600 files downloaded at AST had not been determined.
Conrad told reporters following Wednesday's committee meeting the government is reasonably sure that information no longer exists outside government.
'We haven't closed the file'
"We have no reason to think that AST wouldn't be providing us with their best understanding, but we haven't closed the file in terms of our own work," said Conrad.
"Obviously in situations like this you're reliant on people saying and giving you some material about the degree to which we can be comfortable that it was or wasn't distributed, but we have a high degree of probability that this has been contained."
Conrad refused to provide any details of the investigation conducted by the theology school about who would have accessed the portal or the reasons why.
System has changed, says information officer
During testimony before the committee, he and senior IT officials repeatedly told MLAs that procedures had changed within government and there was a new emphasis on cyber security and the protection of private information.
"The system has absolutely changed, significantly," said Sandra Cascadden, Nova Scotia's chief information officer.
"One of the metrics that I would use to validate and justify my response to that is the fact that we now have over 50 TRAs, threat-risk assessments, in the queue looking for vendors to help us do those threat-risk assessments. We didn't do 50 TRAs last fiscal year."
After the meeting Cascadden told reporters those threat-risk assessments were being ordered for every major software or system upgrades.
"We are doing them on major changes to the system."
Linda Moxsom-Skinner, AST's director of advancement, said the university's review was conducted by a lawyer "experienced with workplace investigations" and a forensic IT consultant.
She said the final report of the review was presented to the president, legal counsel and the university's board.
"A former administrator used an AST laptop to access Freedom of Information files as well as an AST desktop to access files for public release (none of which contained private or personal information).
"As we understand it, many of the files accessed through that laptop contained private and personal information that were not intended for public disclosure. He subsequently destroyed the laptop and provided assurances that files he accessed have not been share or disseminated."
She said the forensic IT consultants have determined "that if the laptop was destroyed in the manner described, any files contained on it cannot be read or recovered. The review found no reason to believe that the laptop or the files still exist."
MORE TOP STORIES