A privacy consultant says now that government has confirmed that employee information has been stolen in the cyberattack, there is an increased risk of identity theft.
While originally unconfirmed, Minister John Hogan announced late Friday that personal information has been taken by the attackers.
David Morgan, a Principal Consultant at Morgan Privacy Consulting, says the stolen data means that the confidentiality has been compromised as the hackers have seen it.
He says the biggest concern is if they can share that data publicly or sell it to people looking to use it for financial gain, such as applying for a credit card.
Morgan says this can increase the chances of identity theft; however, a significant factor is whether the data was encrypted or not.
The data is significantly more secure if encrypted, as without the decryption key it would just appear as “garbled nonsense.” He says without the decryption key, there’s not much the hackers could do with the information.