MOVEit, vital for organizations like healthcare, finance, and government sectors, provides secure file transfer of sensitive data, such as medical records and financial details, ensuring encryption and compliance with security standards. However, its integrity was compromised on June 4, 2023, by a significant privacy breach, shedding light on the challenges of digital data security.
In response, Information and Privacy Commissioner Tricia Ralph initiated an investigation into the MOVEit cyber security breach, which was disclosed by the Nova Scotia Government on June 4, 2023. This service, used by various public entities and health organizations including Nova Scotia Health and IWK Health, faces scrutiny for its security measures.
The investigation aims to evaluate the security and information handling practices of the Nova Scotia Government, Nova Scotia Health, and IWK Health, in line with the Privacy Review Officer Act, Freedom of Information and Protection of Privacy Act, and the Personal Health Information Act.
Triggered by 110 privacy complaints from individuals affected by the breach, this extensive probe will incorporate these concerns. Once concluded, a detailed public report will be available at the Office of the Information and Privacy Commissioner’s website.