A former Ontario government employee was among two suspects charged by the Ontario Provincial Police (OPP) in relation to a Nov. 2021 vaccine data breach. 

Ministry of Government and Consumer Services employee 21-year-old Ayoub Sayid was arrested by police alongside 22-year-old Rahim Abdu. 

Sayid was employed by the Ontario government at a vaccine call centre where the crime is alleged to have taken place. 

Approximately 360,000 people’s records were swept up in the breach. 

“In over 95 per cent of cases, only names and/or phone numbers were impacted,” said the Ministry of Public and Business Service Delivery. 

“Ontario’s COVID-19 vaccine booking system is regularly monitored and tested as part of the Ministry of Health’s cyber security protocols and we remain confident that the booking system continues to be a safe and secure tool for Ontarians to use.”

Both suspects are facing Criminal Code charges of Unauthorized Use of a Computer. Either could face up to a maximum of ten years in prison if convicted. 

Authorities caught wind of the scheme after the government received reports of people in the database being sent spam messages. 

Experts have had concerns about the security of vaccine passport databases since early on in the pandemic. 

In Aug. 2021, a group of hackers in Quebec were able to obtain vaccine passport codes of prominent politicians, including the province’s Premier Francois Legault. 

The hack included downloading QR codes from the government website by guessing the digits of politicians’ healthcare numbers. 

The government filed police complaints as a result of the incident.