With regard to reports of a data breach at Public Services and Procurement Canada in August 2018, after a device containing personal information was stolen: (a) on what date did the theft occur; (b) on what date was the theft reported to the law enforcement agencies, and to which agencies was the theft reported; (c) on what date was the Office of the Privacy Commissioner notified; (d) how many employees were affected by the data breach, broken down by department or agency; (e) on what date were the affected employees notified; (f) why was there a delay between the breach and the notification date for employees; (g) how are affected employees being compensated for the breach; (h) what type of information was contained on the stolen device; (i) has the government recovered the device; (j) how many data breaches have occurred since January 1, 2016, broken down by department, agency, Crown corporation or other government entity; and (k) for each data breach in (j), what are the details, including (i) how many people were affected, (ii) date of breach, (iii) date those affected were notified, (iv) summary of incident?
In the House of Commons on November 5th, 2018. See this statement in context.