The information of 69,000 payees of the Phoenix pay system was a part of a data breach due to an email sent in error, according to a Feb. 17 statement posted by Public Services and Procurement Canada.
As part of its regular distribution of reports outlining mispayments to the HR heads and CFOs of departments, earlier this month some of those reports, which included full names, home addresses, and payment details of over 69,000 government employees, were sent to more than 161 chief financial officers and 62 heads of human resources for the wrong departments.
The files were encrypted and the recipients were asked to delete the mistaken email and files.
Related:
SAP among 3 companies competing to replace Phoenix
The Office of the Privacy Commissioner of Canada was notified once the error was discovered, the affected employees will be notified in the coming days, and the practise of sending out the overpayment reports has been temporarily halted to allow for an investigation.
The controversy-laden electronic payroll system is used by the Canadian government for its employees and was already infamous for widespread payroll errors since 2016, with some being overpaid, some underpaid, and some not paid at all for months at a time.
At this time there have been no reports of the data being leaked to anyone outside the government.