Canadian House of Commons Hit by Cyberattack, Chinese Hackers Suspected
The House of Commons of Canada has fallen victim to a cyberattack attributed to Chinese hackers. The incident took place on August 8, but only came to light the following Monday through an internal notice obtained by CBC News.
The attackers gained access to a parliamentary staff database, stealing names, job titles, office locations, and email addresses of employees. They also exfiltrated information about official computers and mobile devices used within the House of Commons.
Situated on Parliament Hill in Ottawa, the House of Commons forms part of Canada’s legislative branch. Its primary role is to introduce, debate, and pass bills. According to IPU Parline, approximately 2,500 staff members support 343 Members of Parliament.
The exact number of affected employees has not yet been determined, nor is it clear whether the personal information of MPs themselves was compromised. The Communications Security Establishment (CSE) of Canada has pledged to assist the House of Commons in investigating the incident.
Experts believe the hackers exploited a vulnerability in a Microsoft system. The attack occurred shortly after Microsoft had warned of active exploitation of a zero-day vulnerability in SharePoint. Andrew Kostis, adversary research team manager at AttackIQ, noted the suspicious timing of the two events.
The wave of SharePoint attacks has impacted hundreds of organizations worldwide and has been attributed to several Chinese groups, including the notorious Salt Typhoon. Kostis reported that Salt Typhoon, alongside the Warlock group, has targeted nearly 400 organizations through similar exploits.
Microsoft had first identified the critical SharePoint vulnerability back in May but admitted last month that its initial patch was ineffective. An emergency out-of-band fix was later issued.
The Canadian Centre for Cyber Security has already linked Salt Typhoon to previous attacks against several Canadian telecommunications companies. In February, hackers successfully breached one of the nation’s major telecom operators.
Canada’s 2025–2026 intelligence report names China as the country’s “most sophisticated and active cyber threat.” Over the past four years, Chinese hackers have compromised the networks of at least 20 government agencies and departments.
Kostis advises government bodies to adopt adversary emulation tactics to defend against groups exploiting SharePoint and Exchange vulnerabilities. Such an approach would allow agencies to test their security systems against common attack methods, thereby strengthening defenses and reducing the risk of future breaches.
