- Canada’s House of Commons notified its employees of a cyberincident
- It lost sensitive employee data to unnamed hackers
- Threat actors apparently broke in through a Microsoft SharePoint flaw
Canada’s House of Commons has reportedly suffered a cyberattack which saw it lose sensitive employee data.
A CBC report, citing an internal email that the organization sent to its staff, says the attack saw an unidentified threat actor exploit a “recent Microsoft vulnerability” to access a database with information on employee computers and mobile devices.
Among the data stolen in the attack was employee names, email addresses, job titles, office locations, and information about the devices they use.
SharePoint under the magnifying glass
At the moment, both the House of Commons and Canada’s Communications Security Establishment (CSE) are investigating the issue.
“Attribution of a cyber incident is difficult. Investigating cyber threat activity takes resources and time, and there are many considerations involved in the process of attributing malicious cyber activity,” CSE apparently said in a statement.
The organization told its employees to remain vigilant, and be wary of incoming communications.
The details are scarce, but the House of Commons saying the attackers used a “recent Microsoft vulnerability” fueled speculation that it was done through an infamous SharePoint flaw which has been exploited recently.
Canada’s Cyber Centre recently issued a warning about a SharePoint Server flaw called ToolShell, tracked as CVE-2025-53770.
ToolShell was first observed in late July 2025, and has been abused by multiple threat actors, including Chinese state-sponsored groups.
Multiple high-profile organizations have already been compromised this way, including the US National Nuclear Security Administration, Rhode Island General Assembly, and many others.
Via BleepingComputer