Canada House of Commons Targeted by Cyber Attack
Over the past two days, a notorious malware gang has been claiming responsibility for a sophisticated cyber attack that targeted a prominent political organization in Canada. According to their statement, the group has successfully infiltrated the computer network of the Canadian House of Commons, potentially gaining access to sensitive data. In a demonstration of their claims, the attackers released a portion of the stolen information for authentication, which appears to be linked to the House of Commons. Authorities are currently investigating the authenticity of this data, but the situation is still under scrutiny.
The Canadian Parliament, particularly the lower house, has yet to confirm whether it has indeed fallen victim to this cyber-attack. Investigations are ongoing, with the Parliament engaging forensic experts to assess the breach and minimize further risks. All staff members of the House of Commons have been alerted about the attack and are being urged to remain extra cautious against potential social engineering schemes, which might follow the data breach.
Reports suggest that the cyber attack could have been facilitated by a recent vulnerability in Microsoft SharePoint Exchange Server, which is believed to have provided the attackers with access to the network’s database. Authorities suspect that the cybercriminal group responsible for the breach may be either Shiny Hunters or Scattered Spider, two well-known hacking groups with a history of targeting high-profile organizations.
In response to the attack, the Parliament is working to bolster its cybersecurity defenses and is collaborating with experts to safeguard its infrastructure from any further intrusions. The breach raises serious concerns about the protection of sensitive government data and the growing sophistication of cyber attacks targeting political entities worldwide.
Manpower Staffing Firm Suffers Data Breach Impacting 145,000 Individuals
In another alarming incident, Manpower, a well-known staffing firm based in Michigan, has been rocked by a significant data breach. The company disclosed the breach in a recent filing with the Maine Attorney General, revealing that a hacking group called RansomHub gained unauthorized access to its internal network in December 2024. The attackers are said to have stolen approximately 500GB of sensitive data, impacting around 145,000 individuals.
The breach came to light when Manpower began an internal investigation in February 2025 and subsequently notified the affected individuals on August 10, 2025. The stolen data included highly sensitive personal information, such as Social Security numbers, which could have serious consequences for those impacted. Given the scale of the breach, it raises major concerns about data protection practices in companies handling vast amounts of personal and financial information.
Interestingly, just one hour after the public disclosure of the breach, RansomHub reportedly removed the stolen data from the dark web, fueling speculation that Manpower may have paid a ransom to prevent further exposure. This quick response suggests that the company might have opted to meet the hackers’ demands to mitigate potential risks, though this remains unconfirmed.
While Manpower continues to investigate the full extent of the breach, it has assured affected individuals that steps are being taken to improve security and provide assistance to those whose personal data has been compromised. The breach underscores the growing threat posed by cybercriminals targeting businesses and the need for enhanced security measures to protect sensitive information.
Join our LinkedIn group Information Security Community!
