Immigration, Refugees and Citizenship Canada (IRCC) sent emails containing names, application numbers and unique client identifiers to the wrong addresses. IRCC claimed that it became aware of the privacy breach on August 3, a day after announcing the extensions.
Updated Aug 09, 2022, 11:47 AM IST
As the Canadian government was preparing to extend the status of expired and soon-to-expire Post-Graduation Work Permit (PGWP) holders and Temporary Residence to Permanent Residence (TR2PR) applicants, reports of data breach have surfaced. Canada recently announced that post graduate work permits shall be extended for some international graduates.
Immigration, Refugees and Citizenship Canada (IRCC) sent emails containing names, application numbers and unique client identifiers to the wrong addresses. IRCC claimed that it became aware of the privacy breach on August 3, a day after announcing the extensions. These emails stated that the clients may be able to get their work permit updated with a longer validity date. They also provided clients with the option to opt-out of the extension.
“As is the case for privacy breaches, an investigation into this incident is currently underway,” the IRCC email first accessed by CIC News read. It further read, “We are taking precautions and have appropriate measures in place to ensure security of information. Once all affected clients have been identified, clients will be sent an email with the correct information.”
It also said that a separate email will be sent to those affected informing them of the privacy breach. The IRCC further stated that clients are not advised to share incorrect email with others, advising them to delete the email from their inbox. The IRCC mentioned, “Once the issue has been resolved, a notice of correction will go out to those affected, and the correct email message will be distributed.”
PGWP is a one-time open work permit that allows candidates to work for any employer in Canada.