Loading articles...

TransLink workers sent letters saying what info hackers were able to copy

Last Updated Feb 23, 2021 at 9:09 pm PDT

(Photo credit: Dustin Godfrey for NEWS 1130)
Summary

Some TransLink workers are getting letters from their employer saying what info hackers were able to copy

One worker had their social insurance number, date of birth, bank account number and home address compromised

The cyberattack in December affected a range of employees, including those at the corporate level to bus drivers

VANCOUVER (NEWS 1130) – It appears the cyberattack that hit TransLink late last year was a lot bigger than initially thought. Thousands of employees are getting the news in the form of a letter, which details what information hackers were able to get access to.

A TransLink worker has shared the letter they received with NEWS 1130. In their case, their social insurance number, date of birth, bank account number, and home address were compromised.

The cyberattack in December affected a range of employees, including those at the corporate level, bus drivers, and even members of Transit Police.

In this letter, with the subject line “December 2020 Data Security & Privacy Incident,” TransLink writes that hackers accessed and copied files from restricted network drives “that include files that contain some banking information and some social insurance numbers. TransLink maintains this information for TransLink employees.”

“In addition, TransLink provides some human resource services to CMBC, Transit Police, BCRTC and WCE and therefore maintains some information of employees of these subsidiaries,” it added.

The letter says TransLink “deeply regrets that this incident occurred and its potential impact on affected individuals.”

It adds “TransLink always strives to protect the personal information in its care.”

The letter is signed by interim CEO Gigi Chen-Kuo.

Balbir Mann is the president of Unifor Local 111, which represents bus drivers, and he is among the employees whose personal information was compromised.

“It’s a scary moment for sure for everybody – for all of us. We are working hard on this to put a close to it. You know, having information being stolen, you don’t know how and when they’re going to use it,” he tells NEWS 1130.

He adds the union members are feeling frustrated and panicked, saying “it’s a very touchy situation right now.”

The transit authority is providing two years of credit monitoring services to anyone whose information may have been exposed, but Mann says that’s not long enough.

“We’ve asked for five [years]. I think we’ll probably need more than that moving forward. All of our members need protection,” he says.

Mann says the union is in talks with its legal team about the matter.

Related:

Earlier this month, we learned some retired and former employees, as well as some of their spouses, were being contacted by TransLink, telling them their data may have been compromised.

A class action lawsuit has been filed by a retired transit worker following the December data breach. The retired worker, who is only identified by the initials G.D., claims TransLink failed to responsibly manage his personal data and that of others during the data breach.

-with files from Paul James