The city of Laval victim of a computer attack

The city of Laval, on the other hand, has been the target of a computer attack and has had to disrupt some of its online services to citizens. A “limited” amount of information was stolen, according to Mayor Stéphane Boyer, but the municipality still does not know what the documents are.

Posted at 3:08pm
Updated at 7:02 p.m

Hugo Joncas

Hugo Joncas
The press

Henri Ouellette-Vezina

Henri Ouellette-Vezina
The press

The city’s computer services determined something was wrong around 4 p.m. Wednesday. Therefore, to protect itself from hackers, the city quickly blocked access to some of its services via the Internet. “We are currently trying to prevent a computer attack,” Mayor Stéphane Boyer said at a press conference on Thursday. He explains that the attack came via an employee’s email, which was compromised by the cybercriminals.

The mayor assures that the city “has no reason to believe” that citizens’ personal information has been “swiped or stolen”.

In conversation with The press, wants to reassure the communications director of his cabinet, Alexandre Banville. It ensures that the public’s confidential information is not compromised. “We want to reassure citizens: their data is not at risk. It’s not like someone at a specific financial institution pulled a database,” he says.

“It could be a lot of text”

“What was pulled out isn’t very difficult, but we don’t yet know what it is. If photos are involved, few were likely stolen. But if it’s text, it can be a lot of text,” continues Alexandre Banville.

In all, the city estimates that 600 megabytes, or 600 million bytes, may have been stolen by cybercriminals.

That’s the equivalent of dozens of photos or tens of thousands of pages of text with no images.

Going forward, computer experts from giant Microsoft will help the city penetrate deep into its networks and ensure no other element has been compromised. By the end of the day, Thursday, city services were beginning to respond to the controls. However, one major annoyance remained: any payment to the city administration was impossible.

Citizens were also unable to view the municipal rating list.

On Twitter, through Sunday, September 18, the municipality called for the “collaboration” of citizens “to avoid using online services to communicate with the city.” Instead, authorities are suggesting using “personal or telephone services” at weekends by going to service counters or calling 311 directly.


“It is important for us to act in full transparency and quickly in context,” said Alexandre Banville.

experts consulted The press welcome the mayor’s decision to communicate quickly about the attack. “I think they chose the right strategy: telling people the exact situation,” said Karim Ganame, Cyber ​​Threat Detection Expert at Streamscan. The city must then inform the population regularly, he says.

“That’s the way to go,” says Brett Callow, an analyst at antivirus firm Emsisoft. It is a public organization and the public needs to be informed of the situation. »

They agree that the event appears relatively insignificant, according to Laval. “It appears to be a single mailbox that was compromised,” said Alexis Dorais-Joncas of cybersecurity firm Proofpoint. There may be some sensitive information inside, but the hackers don’t seem to have had access to the full emails. »

Serial Attacks

Computer attacks in Quebec have multiplied in recent months.

Also in Laval, a group of hackers attacked the Collège Montmorency and published tens of thousands of files on the hidden web (dark web), uncovered The press September 8th. In particular, they contain information on internal examinations of employees as well as medical and psychiatric information. The leak also includes identifying information about hundreds of people, such as their social security number, date of birth, and full contact information.

In August, a severe cyber attack also hit the leisure vehicle manufacturer BRP, Valcourt. The hackers then leaked thousands of documents stolen from the Ski-Doo maker into the covert web, hundreds of which are trade secrets.

Learn more

  • $57 billion
    Estimated losses from business email breaches worldwide, 2016-2021

    fbi cybercrime complaints office

Leave a Comment