The federal privacy watchdog, the Office of the Privacy Commissioner of Canada, revealed that the RCMP lost an unencrypted USB key containing personal information of 1,741 individuals, including victims, witnesses, informants, police officers, and civilian employees. The RCMP later discovered that this sensitive data was being offered for sale by criminals. The watchdog concluded that the RCMP violated the Privacy Act due to unauthorized disclosure, delayed reporting of the loss, and failure to adequately safeguard the information, despite the RCMP agreeing in principle to recommendations for stricter security measures.
RCMP thumb drive with informant, witness data obtained by criminals: watchdog
Royal Canadian Mounted PolicePhilippe DufresnePersonnelRussian invasion of UkraineCrime
AI Summary
TL;DR: Key points with love ❤️
The federal privacy watchdog, the Office of the Privacy Commissioner of Canada, revealed that the RCMP lost an unencrypted USB key containing personal information of 1,741 individuals, including victims, witnesses, informants, police officers, and civilian employees. The RCMP later discovered that this sensitive data was being offered for sale by criminals. The watchdog concluded that the RCMP violated the Privacy Act due to unauthorized disclosure, delayed reporting of the loss, and failure to adequately safeguard the information, despite the RCMP agreeing in principle to recommendations for stricter security measures.
Trending- 1 Prior to March 2022: RCMP lost the unencrypted USB key.
- 2 March 2022: RCMP informed the Office of the Privacy Commissioner of Canada about the breach.
- 3 Three weeks after loss: RCMP learned the data was being offered for sale by criminals.
- 4 Monday (June 9, 2025): Detailed report from the Office of the Privacy Commissioner of Canada released.
- Personal information of 1,741 individuals was compromised.
- The compromised data was offered for sale by criminals.
- The RCMP was found in violation of the Privacy Act.
- Recommendations for stricter security measures for USB devices were made, but the RCMP has not committed to a specific timeline for implementation.
What: The RCMP lost an unencrypted USB key containing sensitive personal information of 1,741 individuals (victims, witnesses, informants, police officers, civilian employees). This data was subsequently obtained and offered for sale by members of the criminal community. The federal privacy watchdog found the RCMP violated the Privacy Act.
When: The RCMP informed the watchdog about the breach in March 2022. The loss occurred prior to that. The RCMP learned the data was being offered for sale three weeks after the loss. The detailed report from the Office of the Privacy Commissioner of Canada was released on Monday (June 9, 2025).
Where: Canada (RCMP operations).
Why: The RCMP failed to encrypt the USB device, some documents on it were not password protected, and personnel failed to report the loss in a timely manner. The privacy watchdog concluded that the RCMP violated the Privacy Act by disclosing personal information without consent and failing to implement appropriate safeguarding measures.
How: An unencrypted USB storage device containing sensitive data was lost by the RCMP. Criminals obtained the data and offered it for sale. The Office of the Privacy Commissioner of Canada conducted an investigation and subsequently released a detailed report outlining its findings and recommendations.