Hackers Exploit Vulnerability to take down Whistler.ca Website

2019, Breaches, January

Who: RMOW – Resort Municipality of Whistler

What was affected: Municipal website, whistler.ca, has been breached

When it happened: December 28, 2018

How it happened: The Resort Municipality of Whistler (RMOW) is informing members of the public that its municipal website, Whistler.ca, was subject to a recent security breach. It appears the purpose of the attack was to re-direct people to different and, most likely, illicit websites.

Outcome: Municipal staff first became aware of the breach on Friday, December 28, 2018. Immediate action was taken to identify, contain and resolve the issue. On Thursday, January 3, 2019, staff became aware that personal information collected through forms on the website may also have been vulnerable. An action was quickly taken to remove the webforms and any associated personal information from the site. The entire site was then returned to an earlier, uncompromised version. Whistler.ca is now being scanned several times a day for malware to ensure it remains secure. As part of continuing to provide the security of the website, a security audit will take place in the coming days.