The House of Commons is turning to outside security consultants after a cyberattack compromised an internal database containing MPs’ and staffers’ information, raising fresh concerns about Ottawa’s ability to protect sensitive parliamentary data.Blacklock's Reporter says a Request For Information seeks advice on “endpoint security solutions with hybrid delivery options both on premises and cloud-based” as the Commons looks to modernize its systems against the latest cyber threats. Officials say the upgrades are meant to cover vulnerabilities in a hybrid work environment and ensure security teams can detect and respond to incidents quickly. No budget details were provided.The latest breach, which occurred August 11 while Parliament was on a 13-week summer recess, targeted a database containing employee names, office addresses, and email accounts. .It follows a 2021 cyberattack in which Liberal and Conservative MPs belonging to the pro-democracy Interparliamentary Alliance on China were targeted by Chinese Communist Party hackers.Conservative MP Garnett Genuis (Sherwood Park-Fort Saskatchewan, Alta.) testified in 2024 before the Commission on Foreign Interference that he was never informed his accounts had been compromised. “Is the current system adequate? No,” Genuis said. “The most fundamental thing is that when government becomes aware of threats they should talk to us about it. That is clearly the biggest failure here.”Genuis described the attack as “progressive” and said Parliamentarians could have better protected themselves if notified in time. He added that keeping MPs in the dark violated their basic rights to be informed of threats..Former Liberal MP John McKay (Scarborough-Guildwood, Ont.) was also targeted. He said the attack prompted concerns that personal and partisan activities stored in parliamentary accounts may have been exposed. “I don’t think there’s been any consequences of that but in truth I don’t know,” McKay said.The House of Commons Administration has not disclosed how the breach occurred, but the request for consultant input signals growing unease about parliamentary cyber security and a desire to prevent further intrusions.
