The cyberattack is believed to have exploited a recently discovered flaw in Microsoft software.
CBC News revealed on August 14, 2025, that the House of Commons of Canada had been the victim of a data theft, following the exploitation of “a recently discovered vulnerability in a Microsoft product.” Journalists were able to review an internal email, dated August 11, 2025, that informed employees of the intrusion.
According to CBC News, the compromised data includes “employees’ names, their job titles, office locations, and email addresses, as well as information related to their computers and mobile devices managed by the House of Commons.”
The House of Commons confirmed that an intrusion had occurred but declined to provide further comment due to an ongoing investigation. No details have been released regarding the compromised database, the possible origin of the attack, or the nature of the exploited vulnerability.
As a reminder, Microsoft announced on July 21, 2025, that it had discovered a zero-day flaw affecting on-premises SharePoint servers, which was already being actively exploited by cybercriminals.
Click Here For The Original Source.
