NWT government won’t disclose details of $700K November cyber-attack

The Northwest Territories government says it suffered a significant cybersecurity breach in November but won’t disclose what took place.

The incident has cost the territorial government $716,000, a spokesperson said, adding that “no personal or private information was exposed.”

Cabin Radio learned of the breach through an incomplete summary of the incident provided anonymously.


Asked to confirm whether a major digital security breach had taken place “involving an unauthorized third party being able to secure full administrator rights to at least some aspects of the GNWT network,” the territory’s Department of Finance – which is responsible for information technology – said the November incident formed “a cybersecurity event that fits the description you provided.”

“The event was contained and remediated without further incident,” department spokesperson Todd Sasaki said by email.

Questions about what exactly took place, how long the breach lasted, what kind of access was gained, how the GNWT discovered the breach, whether the GNWT knows the identity of those responsible, whether any action is being taken against those parties if so, and whether the breach has been definitively fixed all went unanswered.

“The GNWT relies on confidentiality as a key component of our cybersecurity approach,” Sasaki wrote, explaining the territory’s decision not to comment.

“Keeping the details of cybersecurity events and our response private makes it harder for cyber threat actors to exploit vulnerabilities or discover attack vectors.”


Sasaki did, however, answer a question about the cost to the territorial government of the breach.

The territory “signed two work orders under existing contracts totalling $716,000 to assist with containment, investigation and response efforts associated with this event,” Sasaki wrote.

“Moving forward, the GNWT will continue to regularly assess its technologies and capabilities to keep pace with the increasing threats posed by cyber threat actors. Future enhancements and upgrades of technologies and skills are expected.

“This is par for the course for every organization running technology systems connected to the internet, to keep pace with the changing cyber threat landscape.”