The Art Gallery of Ontario announced a “cybersecurity incident” in its computer systems in September that may have resulted in a third party gaining unauthorized access to some customer information.
In a statement and email to members, the art gallery acknowledged that an unauthorized third party had accessed internal shared servers, but said “the vast majority of customer data and credit card information was not affected.” added.
The gallery said it had received recommendations from lawyers and security experts in accordance with privacy laws and was notifying customers who may have been affected.
In an email to members, the AGO said the breach affected its systems between September 9 and 18. It added that an investigation was conducted by security experts to “clearer understand the scope” of the breach.
Members urged to be careful of suspicious activity.
The AGO said it advised its members to remain vigilant and take steps to prevent phishing, identity theft and fraud. Members are asked to monitor their accounts and account statements and be on the lookout for suspicious activity.
The museum said it would take steps to strengthen its computer systems, including introducing new authentication methods.
“We deeply regret that such an incident occurred. The security of our customers’ data is of paramount importance to us and we remain committed to protecting it,” the AGO said in an email.
“Despite our best efforts, AGO has not been immune to the type of cybersecurity incident that has affected many organizations in the public and private sectors in Canada.”
If you have any questions, please contact the AGO at priority@ago.ca or (416) 979-6608.
