- The Canada House of Commons has informed its employees of a cybercident
- He has lost data sensitive to employees with nameless pirates
- Threat actors apparently interrupted a Microsoft SharePoint flaw
The Canada House of Commons would have undergone a cyber attack that has seen employee sensitive data lose.
A CBC report, quoting an internal email that the organization has sent to its staff, said that the attack saw an unidentified threat actor exploiting a “recent vulnerability of Microsoft” to access a database with information on employees and mobile devices.
Among the data stolen in the attack was the names of the employees, the email addresses, the employment securities, the office locations and the information on the devices they use.
SharePoint under the magnifying glass
Currently, the House of Commons and the Safety Institution of Canada Communications (CSE) are investigating the issue.
“The allocation of a cyber-incident is difficult. The survey on Cyber-Menace activity takes resources and time, and there are many considerations involved in the allocation of malicious cyber-activity,” said CSE in a statement.
The organization has told its employees to remain vigilant and be wary of incoming communications.
The details are rare, but the House of Commons saying that the attackers used a “recent vulnerability of Microsoft” fueled speculation that this was done by a infamous SharePoint defect which was recently exploited.
The Cyber-Center-Center of Canada recently issued a warning concerning a SharePoint server defect called Tools, followed under the name of CVE-2025-53770.
The tool was observed for the first time at the end of July 2025 and was mistreated by multiple threat actors, including Chinese groups sponsored by the state.
Several high -level organizations have already been compromised in this way, including the National Nuclear Security Administration, the General Assembly of Rhode Island and many others.
Via Bleeping Compompute
