Cyber intrusion at the National Research Council

Statement

July 29, 2014

Recently, the Government of Canada, through the work of the Communications Security Establishment, detected and confirmed a cyber intrusion on the IT infrastructure of the National Research Council of Canada. Following assessments by NRC and its security partners, action has been taken to contain and address this security breach, including protecting its information holdings and notifying the Privacy Commissioner. NRC has also taken steps to inform its clients and stakeholders about this situation.

NRC is continuing to work closely with its IT experts and security partners to create a new secure IT infrastructure. This could take approximately one year however; every step is being taken to minimize disruption.

We understand that this incident will affect ongoing business operations and every step is being taken to minimize its impact on our clients and stakeholders.

Due to security and confidentiality reasons, further details cannot be released at this time. An update on this situation is planned for July 31, 2014.