Hackers breached Canada ’s House of Commons, exploiting a recent Microsoft flaw, compromising data, according to CBC News.
Threat actors reportedly breached Canada’s House of Commons by exploiting a recently disclosed Microsoft vulnerability.
“The House of Commons and Canada’s cybersecurity agency are investigating a significant data breach caused by an unknown “threat actor” targeting employee information.” reported CBC News.
“According to an internal email obtained by CBC News, the House of Commons alerted staff on Monday that there was an information breach. It said a malicious actor was able to exploit a recent Microsoft vulnerability to gain unauthorized access to a database containing information used to manage computers and mobile devices.”
The intruders gained access to a House of Commons database, compromised information includes employees’ names, job titles, office locations and email addresses, as well as information regarding their House of Commons-managed computers and mobile devices.
Canada’s Communications Security Establishment (CSE) is aware of the security breach and is helping the House of Commons in investigating the incident. At this time, the attacker’s identity remains unknown. The CSE defines a threat actor as anyone acting with malicious intent to access or disrupt data, devices, or networks without authorization.
A recent CSE report notes China, Russia, and Iran increasingly target Canada, but attribution for the House of Commons breach remains unclear. The cyberattack occurred on Friday and exposed data that could be misused for scams or impersonation.
The House of Commons breach may be linked to a recently exploited Microsoft SharePoint zero-day tracked as CVE-2025-53770, though the exact flaw wasn’t disclosed. Staff and members were urged to stay alert for scams, with no attribution given for the attack.
In July, Microsoft warned of a SharePoint zero-day vulnerability, tracked as CVE-2025-53770 (CVSS score of 9.8), which is under active exploitation. The vulnerability is a deserialization of untrusted data in on-premises Microsoft SharePoint Server, an unauthorized attacker could exploit the vulnerability to execute code over a network. Viettel Cyber Security reported the flaw via Trend Micro’s ZDI.
“Microsoft is aware that an exploit for CVE-2025-53770 exists in the wild.” reads the advisory. “Microsoft is preparing and fully testing a comprehensive update to address this vulnerability. In the meantime, please make sure that the mitigation provided in this CVE documentation is in place so that you are protected from exploitation.”
Canada faces growing cyber threats from criminals and state actors, with incidents rising sharply in the past two years. State adversaries are bolder, while profit-driven criminals exploit illicit tools and AI. China is deemed the most sophisticated and active threat, linked to breaches of at least 20 federal networks over the past four years.
Cyber threats targeting Canada’s critical infrastructure are increasing.
In June, Canada’s airline WestJet suffered a cyberattack that impacted access to some internal systems and the company’s app.
In April 2025, Canadian electric utility Nova Scotia Power and parent company Emera faced a cyberattack that disrupted their IT systems and networks. The cyber attack impacted their IT systems and networks. Both companies declared that the security incident did not cause any power outages.
In September 2023, Air Canada, the flag carrier and largest airline of Canada, announced that the personal information of some employees was exposed as a result of a recent cyberattack. In June 2023, the cyber attack suffered by Suncor Energy impacted payment operations at Petro-Canada gas stations in Canada.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, Canada)
