In one case, a department had a leak of personal information. We realized that access procedures were not adequate, so much so that over 1,000 people had access to the personal information of a single Canadian who was in custody abroad. Obviously, that is inappropriate. We made recommendations, and limits were placed on access. In another case, also mentioned in our report, a department was the victim of a cyber attack, which jeopardized the security of 60,000 people's personal information. In that case, too, the department took measures to strengthen its electronic infrastructure on its own.
