Canada’s House of Commons is urgently investigating a serious data breach following a cyberattack that exposed sensitive employee information. The incident, which occurred on Friday, was revealed to House staff on Monday via internal email, raising concerns about potential targeted scams and impersonation attempts.
How the Attack Happened
According to reports, the attacker exploited a recent Microsoft security flaw to infiltrate a database that manages House of Commons computers and mobile devices. Stolen data includes names, job titles, office locations, and email addresses — all non-public details that could be weaponized in phishing campaigns or identity fraud. Staff and Members of Parliament have been urged to remain vigilant for suspicious communications.
Who’s Involved in the Investigation
The Canadian Centre for Cyber Security (Cyber Centre), part of the Communications Security Establishment (CSE), is assisting in the probe. While the breach has not been attributed to a specific hacking group, authorities emphasize that attributing cyber incidents is complex, requiring time and extensive resources. The House of Commons has not released an official public statement, and media inquiries remain unanswered.
Microsoft Vulnerabilities Under Scrutiny
While the exact vulnerability used in the attack remains undisclosed, cybersecurity experts suspect it could be linked to two recently patched Microsoft flaws. The first, CVE-2025-53770 (ToolShell), is a severe Microsoft SharePoint Server bug actively exploited by Chinese state-backed hackers and ransomware operators since early July. It has already been used in high-profile breaches targeting U.S. federal agencies, state departments, and European government networks.
The second, CVE-2025-53786, is a high-severity Microsoft Exchange flaw that enables attackers to move laterally in cloud environments. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive last week, warning that failure to patch could result in total domain compromise. Despite global warnings, over 29,000 Exchange servers remain vulnerable, with more than 800 located in Canada.
A Wake-Up Call for Government Cybersecurity
This incident serves as a stark reminder of how fast-moving cyber threats can exploit even recent vulnerabilities before organizations patch them. Governments worldwide are increasingly under siege from state-backed actors and organized cybercrime, making proactive security measures a critical necessity.
Conclusion
As the investigation unfolds, the House of Commons faces the challenge of restoring trust while ensuring future-proof cybersecurity defenses. For Canadian institutions, this breach underscores that patching vulnerabilities quickly and educating staff against social engineering remain vital steps in defending national data.
