The personal information of as many as 2.4 million voters has vanished from an Elections Ontario warehouse, prompting two investigations and a full review of the agency's security policies.
The head of Elections Ontario said he takes full responsibility for the disappearance of two USB keys that contained names, addresses, genders, birth dates and whether a person voted in the last election for residents in as many as 25 ridings.
The agency does not yet know which ridings from a pool of 49 were affected, so it is warning millions more about the breach.
"I take this matter extremely seriously and I want to sincerely apologize to all Ontarians for any concern that this notification may cause," Greg Essensa, chief electoral officer, said at a Queen's Park press conference Tuesday.
"We have … undertaken a full internal investigation to completely review the matter and circumstances leading to the USB keys' disappearance."
The Ontario Provincial Police and the province's privacy commissioner have launched investigations into the matter. But the privacy breach raises broader questions about how safely the government and its agencies store personal information.
Ann Cavoukian, Ontario's Information and Privacy Commissioner, said she has repeatedly warned that this kind of information should not be stored on USB keys, laptops or other mobile devices.
And if it is, it should be protected with strong encryption.
"I am deeply disturbed that a breach of this extent, the largest in Ontario history, involving millions of individuals, could happen at Elections Ontario – the agency charged with protecting the integrity of our electoral process," Ms. Cavoukian said.
The loss of an address and birth date is not as grave as losing social insurance numbers or driver's license information, fraud experts say.
But computer security expert Thomas Dean, an associate professor at Queen's University, said residents still need to be vigilant.
"It's not just them going to the banks and pretending to be you," Prof. Dean said.
"It's them coming to you and pretending to be institutions [to get more information] as well."
Elections Ontario stressed that protocol was not followed in this instance.
Its policies dictate that USB keys must be password protected and encrypted if they carry personal information, and that the keys must be in the custody of staff at all times.
In this particular case, two staff members, who were working in a warehouse in late April updating the permanent register of electors for Ontario, did not follow the the rules.
The two were supposed to secure the USB keys at the end of the work day, but failed to do so.
The next morning when they returned to work, the keys were gone.
The two staff members are no longer with Elections Ontario, although Mr. Essensa declined to indicate if they were terminated or voluntarily left their positions.
Mr. Essensa said that in order for anyone to access the data on the USB keys, they need special Elections Ontario software.
Still, the agency recommended that Ontario residents in the 25 affected districts that stretch right across the province monitor their transaction statements for "any unusual activity."
The districts that are possibly affected include:
Kingston and the Islands
Don Valley East
Don Valley West
London North Centre
Sault Ste. Marie