Spread the love

Theft from a sexual assault center

Open in full screen mode

The theft took place in the new premises of the center, located in the city center. (Archive photo)


Voice synthesis , based on artificial intelligence, allows you to generate a spoken text from a written text.

The Salal Sexual Assault Center in Vancouver has announced to its users and donors that' x27;a computer server containing their sensitive personal information and banking details was stolen from its premises on December 3.

Vancouver police confirmed in an email to Radio-Canada on Friday that an investigation is underway into this break-in. The latter took place in the structure's new premises, located in the city center.

At least one woman who used the center's services said she planned to file a complaint with British Columbia's privacy watchdog.< /p>

In a Dec. 23 email obtained by CBC/Radio-Canada, Salal general manager Dalya Israel informed users of the center that a backup server containing their contact details is among the items stolen from the office, currently being renovated.

It is possible that your name, email address, phone numbers and notes regarding security risks or services you have requested may be disclosed, sold and shared publicly, wrote Dalya Israel .

This theft would not concern individual files, case notes or even medical information, specifies the general director of Salal, because they are kept on an encrypted third-party platform.

Loading in progress< source srcset="https://images.radio-canada.ca/q_auto,w_600/v1/ici-regions/videojournal/17x6/yvr-air-canada-avion-neige-hiver.jpg" media="(min- width: 0px) and (max-width: 1023px)">Air Canada ranks last for on-time performance in North America

ELSE ON INFO: Air Canada ranked last for on-time performance in North America

The stolen server also contained donor bank account information and check images, as well as names, addresses and phone numbers, according to another email to donors obtained by CBC/Radio-Canada.

Credit and debit card information from online donations is stored on an encrypted third-party platform and remains secure, Dalya Israel said.

This is not a data hack, we can read in his email. We do not believe that this intrusion was intended to destabilize Salal SVSC or the users of the structure.

According to the general director , the risk of data theft or misuse is low, as access to it requires high-level IT knowledge. An independent privacy impact assessment found the risk to be moderate.

However, it is not known how many people have had their data compromised or how vulnerable they are.

On Friday, Dalya Israel declined an interview request from CBC/Radio-Canada.

In an emailed statement Sunday, she declined to answer questions about how the stolen data was stored, to protect the integrity of the investigation and material information .

Dalya Israel says the theft was devastating for Salal. Our deepest commitment is to users and our community, and we know that this has had and will have a significant impact on them, she writes.

Salal is a non-profit organization. It responded to 4,769 distress calls and provided 1,304 individual counseling sessions between April 2021 and March 2022, according to its latest annual report.

During the same period, it received more than $510,000 in donations from 3,454 individual donors, the report said.

Two cybersecurity experts say it's a good thing that Salal informed its users and donors about the data theft. However, they say the center is downplaying the significant impacts this theft could have on the safety, finances and privacy of thousands of people.

Ali Dehghantanha, Canada Research Chair in Cybersecurity and Threat Intelligence, University of Guelph, believes that Salal, given the nature of his activities, should have taken more steps to protect some of the sensitive data.

If the data is not encrypted, it is easy for anyone to access this information, explains the expert, who refuses to speak of low risk in this matter.

David Jao, professor and member of the Cybersecurity and Privacy Institute at the University of Waterloo, explains that it's easy to sell the stolen hardware to someone who can access it and use the data to empty bank accounts, commit fraud or phishing scams.

It's difficult to recall data once it's in the wrong hands, says David Jao. He thinks some donors whose data is on the server could be prime targets.

The simple fact Being a customer of the center is a private and sensitive thing for many people, believes Ali Dehghantanha.

According to information from Yasmine Ghania and Moira Wyton

Teilor Stone

By Teilor Stone

Teilor Stone has been a reporter on the news desk since 2013. Before that she wrote about young adolescence and family dynamics for Styles and was the legal affairs correspondent for the Metro desk. Before joining Thesaxon , Teilor Stone worked as a staff writer at the Village Voice and a freelancer for Newsday, The Wall Street Journal, GQ and Mirabella. To get in touch, contact me through my teilor@nizhtimes.com 1-800-268-7116