With regard to the data security breach at Global Affairs Canada (GAC) which was reported around the end of January 2024: (a) how many users' information was impacted, in total and broken down by (i) GAC employees, (ii) government employees outside of GAC, (iii) the general public, (iv) diplomats from other countries; (b) on what date did GAC become aware of the data breach; (c) on what date were the impacted users informed of the breach; (d) if impacted users were not informed, why were they not informed; (e) for impacted users, what types of information were breached; (f) did the data breach only impact users who accessed the GAC-operated Secure Integrated Global Network (SIGNET) between December 30, 2023, and January 24, 2024, and, if not, what other users, time periods or networks were impacted; (g) what action, if any, did GAC take to prevent data security breaches in response to the December 2022 announcement by the United States Secret Service that entities working on behalf of the government of the People's Republic of China, including APT41, were hacking and conducting espionage; (h) is the actor(s) responsible for the data breach a state or non-state actor(s); and (i) what is the name of the actor(s) responsible for the data breach?
In the House of Commons on April 8th, 2024. See this statement in context.