Home
A A A

Update on Cybersecurity Incident

Working on the laptopThe Town of Ponoka (the “Town”) takes privacy and the security of personal information in our care very seriously.

As you may recall from our previous announcement, on March 4, 2024, the Town learned that an unauthorized third party gained access to a portion of our network environment and encrypted a number of our IT systems. In response, we immediately disconnected our systems from the network to prevent any further unauthorized activity and engaged external cybersecurity experts to assist with containment, remediation and to conduct a forensic investigation.

While we had measures in place to protect our IT system before the breach, cybersecurity threats are constantly evolving and so we have implemented enhanced security measures, including 24/7 advanced endpoint detection and response monitoring, to better prevent an incident of this nature from reoccurring in the future. Furthermore, we have reported this incident to law enforcement as well as to the Office of the Information and Privacy Commissioner of Alberta. 

Our investigation into this matter has concluded and as part of this process we have identified that certain emails and files such as: complaint notifications from residents and resulting follow up; Certificates of Recognition for residents achieving milestone birthdays; vendor quotes; details of Town or AHS enforcement actions related to residential properties, including property owner information; direct banking information for utility customers and direct deposit information for business suppliers which may have been accessed and/or copied by the unauthorized third party. To date, we have no evidence that any personal information has been misused as a result of this incident.

Please note, that generally the types of personal information provided to the Town are insufficient for an unauthorized third party to carry out identity theft or fraud. Nonetheless, out of an abundance of caution, please review the steps below under “What you can do.” to best protect your personal information from being misused, including for the use of phishing.

What you can do: 

Remain vigilant – We encourage you to remain vigilant regarding threats of identity theft, fraud and/or phishing by engaging in the following best practices: 

  • If you receive emails, telephone calls or text messages asking for your financial or any other personal information you were not expecting, particularly if they purport to be from the Town, please consider such communications to be fraudulent and contact us immediately to verify their authenticity. 
  • Change online passwords for your financial and other sensitive accounts regularly and make sure they are secure.  
  • Never respond to unsolicited requests for your financial information and be careful when sharing your personal information unsolicited, whether by phone, email or on a website. 
  • Avoid clicking on links or downloading attachments in suspicious emails. 

Click here for additional tips and resources to help you protect your identity.

For more information:

If you have questions regarding this incident or this letter, please contact Dawn Sauvé at dawn.sauve@ponoka.ca or 403-783-0121 and we will endeavour to get back to you as quickly as we can. 

We apologize for the inconvenience and concern that we know this incident may cause you. We thank you for your patience and understanding as we continue working to fully address this matter and do everything possible to help prevent it from reoccurring in the future.