Quebec Immigration Cyberattack Exposes Thousands in Secure File Transfer Breach

Quebec City, QC —

A major cybersecurity breach has rocked Quebec’s immigration system, exposing tens of thousands of sensitive records after hackers exploited a now-discontinued file transfer system used by the provincial government.

The Quebec Office for Residency and Immigration (QORI) confirmed that it had been using a third-party tool called SecureBridge Gateway to transmit internal and applicant records when the breach occurred.

Officials say the tool, provided by Accellink Technologies, was exploited by a threat actor group known as DRKLOOP. The attackers reportedly accessed documents including refugee claims, passport scans, medical evaluations, and internal case correspondence.

“These tools are outdated and dangerous,” said Maria Lavoie, senior analyst at Northland Threat Labs.
“This is a textbook case of technical debt creating exposure at the worst possible moment.”

The breach is believed to have impacted more than 34,000 individuals, with records exfiltrated and posted to a dark web leak site. The attackers have demanded ransom from the vendor and affected agencies.

QORI has halted all external transfers using the compromised system and transitioned to a hardened exchange platform developed by the provincial Digital Resilience Directorate (DRD).

Quebec’s privacy commissioner has launched a formal investigation, and at least three provincial audits are now underway to assess the damage and recommend systemic fixes.

As Quebec accelerates digital modernization, this breach serves as a stark reminder that data protection isn’t just a technology issue — it’s a matter of public confidence and national resilience.

Covering where tech meets policy and the gaps in between. — Jordan Okeke