The Royal Canadian Mounted Police have proven themselves incompetent and untrustworthy before, but never at this scale.[i]
In 2021, the RCMP presided over a massive data breach.
More than 2.2 million licensed firearms owners were affected.
Names. Addresses. Contact details. Licensing records.
A veritable Christmas Wish list for criminals, and everyone responsible for it stayed quiet.
This was not a minor IT mishap. It was a catastrophic failure of basic data stewardship.
The RCMP outsourced core functions of the Canadian Firearms Program to an unidentified third party. That vendor was hit with a ransomware attack.
The RCMP insisted that, while there “was no indication that any personal information was viewed or extracted, it is not possible to confirm that it was not accessed.”
Read that again.
“It is not possible to confirm”, yet the RCMP chose to give themselves a full pass instead of holding themselves accountable.
Again, those who follow such things know this is nothing new. It’s long and well documented that this is exactly how the RCMP operates.
- Protect the institution.
- Blame everyone except themselves.
While Canadians slept, while the RCMP downplayed the risk to their political masters, and while Public Safety Minister Bill Blair hid the data breach from licensed gun owners… organized criminals had a target-rich list to choose which guns they would steal and from whom.
- The breach occurred in March 2021.
- The RCMP reported it months later.
- The Minister of Public Safety intentionally left the public in the dark.
No warning. No disclosure. No urgent guidance for the millions of people and their families placed at risk by the RCMP’s incompetence and Minister Bill Blair’s cover-up.
Bill Blair’s decision to hide the RCMP Data breach exposed families to burglary, intimidation, and theft.
Every break and enter of a licensed gun owner can arguably be placed at the feet of the RCMP and then-Minister of Public Safety Bill Blair.
As the former Chief of the Toronto Police Service, Bill Blair understood exactly what a mass exposure of firearms owner data meant.
Yet, in longstanding Bill Blair fashion, he chose to protect his career instead of doing his job: protecting the lives and property of 2.2 million licensed Canadian gun owners.
It was more important to insulate himself and Justin Trudeau’s Liberal government than to issue a valid and urgent public warning.
That’s not leadership. That’s criminal negligence.
• When you do not know, you warn those affected.
• When you put millions at risk, you act with urgency.
• When you fail, you tell the truth.
That’s the opposite of what happened.
The Liberal government intentionally hid the scale of the data breach for years. The vendor was never named, oversight was always deflected, and accountability never entered the process.
Lawful firearms owners did everything required of them. In return, the Canadian government failed its most basic duty: to protect the data it demands from the people it regulates.
This is why trust with in the RCMP and this Liberal government is broken.
Public safety is not a press release. It is a responsibility.
In 2021, that responsibility was abandoned by the RCMP and the Liberal federal government.
The RCMP must be held accountable for operational incompetence.
The Liberal government must answer for its deliberate lack of transparency that put 2.2 million Canadians in harm’s way.
And Parliament must demand independent oversight, mandatory data breach notification, and consequences for officials who choose silence over public safety.
2 Comments
Bob
I just sent this letter to my MP
Dear . As a resident at:
I am writing to express my profound concern regarding the 2021 data breach involving RCMP-held personal information, including the names, addresses, contact details, and firearms licensing records of Canadian citizens such as myself. The sensitivity of this information cannot be overstated, and the implications of its unauthorized exposure pose a clear and serious risk to personal safety, privacy, and security.
What is of even greater concern is that this breach was not disclosed to affected individuals or made public in accordance with Canadian data breach disclosure requirements. Under PIPEDA, organizations are obligated to report any breach involving personal information that presents a “real risk of significant harm” (RROSH) to both the Office of the Privacy Commissioner of Canada and the individuals affected. This reporting must be carried out “as soon as feasible,” and organizations must maintain breach records for a minimum of two years.
The nature of the information exposed in this incident unquestionably meets the RROSH threshold. Firearms ownership and licensing data, when paired with identifying and contact information, create heightened personal risk for targeted theft, harassment, intimidation, or other forms of harm. The lack of timely notification to affected citizens represents a serious failure of transparency and compliance.
I respectfully request that this matter be addressed in Parliament. Canadians deserve accountability, clarity regarding what occurred, an explanation for the failure to meet mandatory disclosure obligations, and assurance that immediate measures are being taken to safeguard sensitive personal information and prevent future breaches.
Thank you for your attention to this urgent and deeply troubling issue. I look forward to seeing this matter raised and addressed at the federal level.
Michael Baker
Their criminal incompetence has put all of us and my family at risk. The RCMP along with this 3rd party group should be sued by all of us in a class action lawsuit so we can fortify our homes with additional security thanks to these morons. They want to take our firearms away when they are the real threat to public safety. I’m serious, somehow we should collectively sue them for an outrageous amount of money.