Cyber Attackers On Bermuda Gov’t May Have Taken Personal Data – Premier

(CMC) – Bermuda’s Premier David Burt says an investigation into the cyber attack that severely hampered the government’s information systems in September has found circumstantial evidence that personal data may have been exfiltrated.

But, Burt told a news conference that the authorities are still not clear if personal information held on the government’s computer systems had been obtained by the hackers.

“The forensic review of the attack and its impact continues, but there has not been a forensic confirmation of the exfiltration of data,” he told reporters.

“Notwithstanding the fact that this has not been forensically confirmed, there is circumstantial evidence that data may have been taken, and we’re working on that assumption with the Government’s privacy team to ensure that impacted parties can be notified,” he added.

Late last month, Burt told reporters that any data held on government files did not appear to be compromised even as he acknowledged that there was “a significant amount of data on our systems.”

During the latest news conference, he would not provide details of the extent or nature of any personal information that may have been exposed to the hackers.

“With these investigations the one thing that is important is that you only state what you know definitively. And as part of this you look into gathering any forensic evidence that you can point to and say that exfiltration did take place.

“We have been unable to determine that. However, from the research and the investigation from the teams, there did seem that there was an ability for the attackers to do that from some things which we have found.

“We have not been able to confirm that, but they did have the ability to do so, and so we are proceeding upon the basis, understanding which files may have been accessed, and working with the Government’s privacy team to ensure that appropriate notifications are made to parties who may be affected,” he told reporters.

“We do not have confirmed forensic evidence that exfiltration took place. We are operating under the assumption that we’ve discovered that this capability may have been there. We’re going with an abundance of caution,” Burt said, refusing on numerous occasions to confirm if the hackers had sent his administration a ransom note or provide any other details about the attack.

But, he did say that once services had been resumed, a parliamentary committee will be formed to investigate all aspects of the attack.

“I will only repeat the answers I gave to you before, that we are focused on working with our cybersecurity access, law enforcement to make sure that we continue to secure our systems. It’s an ongoing, active investigation and it would not be prudent for us to comment on these matters at this time.

“All those things will be transparently disclosed when there’s an inquiry and I know that persons want to get that information, but it’s important that we focus on the restoration efforts and the security efforts before we start disclosing various factors.”

National Security Minister, Michael Weeks, who was also present at Monday’s press conference, said that police were in contact with him daily to provide updates on the investigation, refusing to provide any further details.

Burt provided an update on the government departments that had their IT systems restored, saying “a  critical department that has not been fully restored is the Attorney-General’s Chambers and the legislative drafting to ensure that we can continue to draft legislation and orders.”