The federal government warns current and former public service employees, RCMP members, and Canadian Armed Forces of the possibility of access to their personal and financial information in a data breach that occurred on October 19.

This breach affected federal government data held by Brookfield Global Relocation Services (BGRS) and SIRVA Worldwide Relocation & Moving Services – two companies providing relocation support for employees.

The data breach may include any personal and financial information provided by employees to the companies as early as 1999, according to the Treasury Board of Canada Secretariat in a press release on Friday.

The statement said: "Given the large volume of data being assessed, we cannot yet identify specific individuals affected."

The Treasury Board of Canada Secretariat also stated that credit monitoring services or re-issuance of valid passports that may have been compromised will be provided to current and former employees and members who relocated with BGRS or SIRVA Canada over the past 24 years.

Officials said they are meeting with the relocation service companies to monitor the issue, and the incident has also been reported to the Canadian Centre for Cyber Security, the Office of the Privacy Commissioner, and the police.

Regarding organizations dealing with cybersecurity breaches, cyber analyst Ritesh Kotak said the first step is to "stop the bleeding." "They will likely shut down the system, and I assume that since the federal government has in-house expertise, they will come and conduct what is called a 'forensic audit' — who had access to what?"

The federal government requests that affected current and former employees and members update their login credentials that may be similar to those used with BGRS or SIRVA Canada, enable multi-factor authentication on accounts used for online transactions, and monitor financial and personal online accounts for any unusual activity as suggested by the federal government.

Also, if unusual activity is detected, affected individuals are asked to notify their financial institution immediately, contact the local police, and contact the Canadian Anti-Fraud Centre through their online system or by phone.