We confirmed yesterday that the Guild’s computer system was hacked into last Friday, May 27. We have commenced an investigation and notified the police and other authorities. We immediately implemented our back-up and disaster recovery plan that is in place to minimize the impact of a breach and protect CMG information.
We are writing to you now to let you and all Guild members know about this data breach because the Guild’s computer system contains personal information relating to all of our members.
The personal information related to every member that may have been accessed and downloaded by the hacker includes:
– name of member
– home address
– name of employer
– job classification
– rate of pay
Personal phone numbers and email addresses for some members are also in our system.
Social Insurance Numbers
Our computer did NOT contain the Social Insurance Numbers for the vast majority of Guild members.
The only Social Insurance Numbers in our system are of:
– members who are or were Guild employees
– members who were paid by the Guild to do work for the Guild (and received a T-4 from Guild)
– freelance members who were paid through the Guild.
We are going into detail about Social Insurance Numbers because Social – Insurance Numbers can be used to commit identity theft. The Social Insurance Numbers that are stored in our system are accessible only with a password. We have been advised, however, that this password protection may not protect the Social Insurance Numbers from being accessed by the hackers.
Just to be clear, we are not aware to date of any actual or attempted misuse of personal information or of any other information that is in our system. We also have not been contacted by anyone seeking a ransom. Nevertheless, we are contacting everyone who could potentially be affected.
Other Personal Information
For those of you who provided the Guild with other personal information (e.g., medical information, descriptions of harassment, etc.), perhaps in connection with a particular issue that the Guild was assisting you with, this information too may have been accessed.