Suspect 'put critical infrastructure at risk,' says RCMP
The Royal Canadian Mounted Police (RCMP) have arrested a former Ontario Power Generation (OPG) worker for allegedly leaking sensitive corporate information.
The RCMP's Federal Policing Integrated National Security Enforcement Team (INSET) in O Division (Ontario) arrested the former employee “for intentionally communicating safeguarded information to a foreign entity or terrorist group knowing or being reckless as to whether the communication would increase the capacity of the foreign entity or terrorist group to harm Canadian interests, contrary to section 16(1) of the Security of Information Act (SOIA),” said the RCMP.
“Evidence indicates that the individual acted with intent to put critical infrastructure at risk.”
RCMP charged the suspect on Feb. 10, according to a CTV News report. The police agency, however, online made the information public on Feb. 16.
In their press releases, both RCMP and OPG did not provide information about the former worker’s identity. However, Global News reported that the individual is named James Mousaly. A man by that same name was listed in 2022 as a nuclear operator at OPG, according to the report.
In February 2023, TELUS was said to be investigating a breach of employee data after concerning messages were posted online by someone on a criminal forum.
‘Public safety not compromised’
Meanwhile, OPG assured the public that “public safety and station integrity have not been compromised”.
The electricity generator also said it is prepared to combat security system threats.
“Ontario Power Generation (OPG) has been operating nuclear power plants safely for more than five decades. Our nuclear stations utilize sophisticated security technology and intelligence to keep our facilities and communities safe. This includes robust, ‘defense in depth’ security systems to ensure we are prepared to pre-empt or respond to any situation.
“These systems worked: immediately upon identifying an information breach, OPG and RCMP implemented measures to mitigate and manage any further unauthorized disclosure.”
According to the Global News report, the former OPG employee was accused of making online posts about security vulnerabilities. That worker is charged under section 16(1) of the Security of Information Act (SOIA).
Court records show that the alleged offence occurred on Jan. 30, 2024, and the suspect faces a possible life sentence if convicted, according to Global News.
In August 2023, Hamilton Health Sciences (HHS) in Ontario fired eight employees for their role in a privacy breach at the city’s health care system.
