Cybersecurity Incident

Update on the Cybersecurity Incident

The Town of Huntsville concluded its investigation into the cybersecurity incident that was discovered on March 10, 2024. The investigation revealed that some sensitive personal identifiable information was included in the compromised data. Affected individuals for whom the Town had sufficient contact information were contacted directly.

We encourage individuals who have previously provided sensitive information to the Town of Huntsville, Muskoka Heritage Place, the Algonquin Theatre, or Huntsville Public Library to take the precautions outlined on priv.gc.ca to safeguard their data. 

Frequently Asked Questions

On March 10, 2024, we discovered that an unauthorized third party had accessed our network and engaged in activity which impacted some of our systems. We responded immediately and took steps to contain the incident, including temporarily taking systems offline in order to secure our network and data.

We retained a team of third-party cybersecurity experts to investigate the cause and extent of this incident, and have retained legal counsel to assist us in our response. Our investigation identified that some of the data we hold was impacted by this incident. We completed a thorough review of that information and identified those who could have been affected and the nature of the personal information involved. 

We began sending communications to affected individuals for whom we have contact information on December 5, 2025. Out of an abundance of caution, we recommend that anyone who has previously provided sensitive information to the Town of Huntsville, Muskoka Heritage Place, the Algonquin Theatre, or Huntsville Public Library to take precautions outlined on priv.gc.ca to safeguard their information. 

We understand you may have concerns. When the cyber incident was identified, we notified the public immediately and the Town launched an investigation to determine the cause and scope. Due to the nature and volume of information the Town is required to collect, this was a complex and time-consuming process. Once this effort was completed, individuals whose sensitive personal information was included in the compromised data and for whom the Town had sufficient contact information were contacted by the Town of Huntsville directly.

Affected individuals for whom the Town had sufficient contact information were notified of what personal information was identified in the impacted data. Overall, the personal information involved in this incident varied by individual as the Town is required to collect a variety of personal information in relation to its various public services. Please note that the Town has taken steps to ensure that any personal information involved in this incident has been secured. To date, we have no evidence that your personal information has been further disclosed or misused for any fraudulent or malicious purposes.

Please note that the Town has taken steps to ensure that any personal information involved in this incident has been secured. To date, we have no evidence that your personal information has been further disclosed or misused for any fraudulent or malicious purposes.  

As a precautionary measure, we recommend that anyone who has previously provided sensitive information to the Town of Huntsville, Muskoka Heritage Place, the Algonquin Theatre, or Huntsville Public Library to take precautions outlined on priv.gc.ca to safeguard their information. 

No. If you received a communication from the Town indicating that some of your information was involved in this incident it does not mean you are a victim of identity theft or that your information has or is likely to be misused for any fraudulent purposes. To date, we have no evidence that your personal information has been further disclosed or misused for any fraudulent or malicious purposes.

Nevertheless, the Town recommends you remain vigilant and report any suspicious communications you receive or activity you may identify regarding your personal information to the appropriate authorities. 

To date, we have no evidence that your personal information has been further disclosed or misused for any fraudulent or malicious purposes. However, if at any time you believe you have been the victim of fraud or identity theft, contact your local law enforcement agency and file a police report.

The Town is committed to protecting the privacy and confidentiality of its residents’ personal information, and it deeply regrets that this incident occurred and any inconvenience it may have caused. Please know that the Town took steps to secure the information as soon as this incident was discovered and has no evidence that any personal information has been further disclosed or misused for any fraudulent or malicious purposes.   

The Town is also committed to enhancing its security measures wherever possible but the constantly evolving nature of cybersecurity threats makes this an extremely difficult challenge for any organization.  

This incident has been reported to local law enforcement and the Town has cooperated fully with their investigation. 

Previous Communications

Release Date Communication
March 11, 2024 Media Release: Huntsville Investigates Cybersecurity Incident And Facility Impacts
March 11, 2024 Media Release: Huntsville Cybersecurity Incident Update
March 12, 2024 Municipal Services Update - March 12, 2024
March 13, 2024 Huntsville Mayor And CAO Provide Cybersecurity Update
March 15, 2024 Municipal Services Update - March 15, 2024
March 18, 2024 Media Release: Huntsville Cybersecurity Incident Update – Algonquin Theatre
March 21, 2024 Municipal Services Update - March 21, 2024
March 22, 2024 Algonquin Theatre Service Update – March 22, 2024
March 27, 2024 Media Release: Huntsville Confirms Details Of Cybersecurity Incident
April 25, 2024 Municipal Services Update - April 25, 2024
May 9, 2024 Media Release: Huntsville’s System Recovery After Cybersecurity Incident In Final Stages
December 8. 2025 Media Release: Huntsville Concludes Investigation into Cybersecurity Incident