BURSTA significant cyberattack hit the Canadian House of Commons on August 9, 2025, when threat actors exploited a recently disclosed Microsoft vulnerability to gain unauthorized access to sensitive employee information.
The breach underscores the growing cybersecurity challenges facing Canada’s government institutions amid an escalating threat landscape.
According to an internal email obtained by CBC News, House of Commons staff were notified on Monday about the data breach, which occurred the previous Friday.
The attackers successfully exploited a recent Microsoft vulnerability to penetrate a database containing information used to manage computers and mobile devices within the parliamentary system.
The compromised data includes employees’ names, job titles, office locations, and email addresses, as well as detailed information about House of Commons-managed computers and mobile devices.
Malicious actors could potentially use this non-public information to conduct targeted phishing campaigns, impersonation attacks, or further infiltration attempts against parliamentarians and staff.
While Canadian authorities have not officially disclosed the specific Microsoft vulnerability exploited in the attack, cybersecurity experts point to several recent critical flaws that have been actively targeted.
The timing coincides with widespread exploitation of CVE-2025-53770, a critical SharePoint Server vulnerability with a CVSS score of 9.8. This flaw, dubbed “ToolShell” by researchers, allows unauthenticated attackers to achieve remote code execution on on-premises SharePoint servers through unsafe deserialization of untrusted data.
Investigation In Progress
Canada’s Communications Security Establishment (CSE) confirmed awareness of the incident and is collaborating with the House of Commons to provide support. However, officials have been unable to identify the specific threat actors responsible for the breach.
“Attribution of a cyber incident is difficult,” the CSE stated. “Investigating cyber threat activity takes resources and time, and there are many considerations involved in the process of attributing malicious cyber activity”.
The House of Commons has urged all employees and members to remain vigilant, warning that the stolen information could be exploited in scams or used to target and impersonate parliamentarians. The institution is working closely with national security partners to investigate the incident, but has declined to provide additional details, citing the ongoing investigation.
This breach occurs against a backdrop of intensifying cyber threats targeting Canadian government institutions. The latest National Cyber Threat Assessment 2025-2026 reveals that Canada faces an “expanding and complex cyber threat landscape” with increasingly aggressive state and non-state actors.
The attack highlights ongoing challenges with Microsoft security vulnerabilities that continue to plague organizations worldwide. Microsoft’s August 2025 Patch Tuesday addressed 107 vulnerabilities, including 13 critical flaws.
Among the most concerning is CVE-2025-53779, a Windows Kerberos vulnerability that allows unauthenticated attackers to gain domain administrator privileges.
The SharePoint vulnerabilities that emerged in July 2025 have been particularly problematic. Multiple threat groups, including Chinese state-backed hackers and ransomware gangs have actively exploited CVE-2025-53770 and related flaws.
These attacks have successfully compromised high-profile targets, including the U.S. National Nuclear Security Administration, Department of Education, and government networks across Europe and the Middle East.
Boost your SOC and help your team protect your business with free top-notch threat intelligence: Request TI Lookup Premium Trial.
The post Canada’s House of Commons Hit by Cyberattack Exploiting Recent Microsoft vulnerability appeared first on Cyber Security News.