Auditor General will investigate FOIPOP breach

The Office of the Auditor General has agreed to investigate last month's breach of Nova Scotia's FOIPOP website, after a request for help from the province.

In a letter asking for the aid of auditor general Michael Pickup, Internal Services minister Patricia Arab writes that the province would “greatly benefit” from the OAG's support.

“As minister, I regret, and have apologized publicly, that Nova Scotians had their personal information compromised. Your findings will help us to ensure that we are doing what we can to safeguard the privacy of Nova Scotians.”

The government is still dealing with the technological and political fallout from the unauthorized access of its Access to Information web portal last month.

Some 7,000 documents containing personal information on hundreds of Nova Scotians were downloaded with minimal effort by a Halifax teenager, who says he thought he was viewing public files.

The open door that allowed the download and the breach itself were only discovered by accident weeks later when a government employee stumbled across the same security flaw.

Pickup's audit will be conducted parallel to an investigation already underway by the province's privacy commissioner Catherine Tully. Arab writes that the department of Internal Services will work closely with staff from the offices of the Auditor General and Information and Privacy Commissioner.

“We would also support whatever division of work and sharing of materials between your offices that the two organizations see as appropriate, subject to ensuring that the necessary protections are in place to avoid an inadvertent waiver of any privileged materials.”

The news comes the same day as another privacy breach on a government website—this time from an online school registration site.

The Halifax Regional Centre for Education—formerly the Halifax Regional School Board—shut down its Excel online registration system Monday morning after being informed people could view the personal information of other applicants, including phone numbers and ages.

According to the province, more than 1,000 parents have potentially had their personal information put at risk.

The data leak is part of what's becoming a growing trend of cyber flubs and fuck-ups in Atlantic Canada, including NSBI’s website redirecting users to pornography and the Prince Edward Island government’s website being targeted on Monday by a ransomware attack.

The 19-year-old at the centre of the FOIPOP breach is still facing charges of unauthorized computer use but has garnered support financial and political from digital rights advocates across the world.

Meanwhile, the province's Access to Information site is still offline.