Skip to main content

The Weather Network’s parent company says it decided not to pay a ransom after last month’s cyberattack took down its operations for several days and a group of hackers threatened to leak its internal data on the dark web.

In a statement Tuesday, Pelmorex Corp. – which also owns The Weather Network’s French-language equivalent MétéoMédia, along with El Tiempo in Spain and other services, such as Canada’s emergency alerting system – said it is still dealing with glitches caused by the hacking incident, but that most functions are back to normal.

The breach of Pelmorex’s internal system had paralyzed its mobile applications and websites in mid-September, forcing it to call in the RCMP to investigate. Then, last week, the Oakville, Ont.-based company found its data advertised on the dark web, a corner of the internet most often used for illicit purposes.

Now, Pelmorex president and chief executive Nana Banerjee is hoping to gain back the trust of users and customers.

“Our team of engineers are hard at work,” he said in Tuesday’s statement. “We did not yield to the ransom demands. Instead, we relied upon the enterprise and dedication of our people, as well as the understanding, patience and encouragement of our users and audiences to overcome the situation.”

Mr. Banerjee suggested some people may have turned away from The Weather Network because of the disruption at Pelmorex. Addressing the company’s users directly, he said he recognizes they have other options, but “will be honoured to have the opportunity to once again bring you timely, accurate and reliable weather information.”

Ransomware is a type of malicious software that infiltrates organizations’ computer systems and holds their data hostage for large sums of money. In Pelmorex’s case, it has attributed last month’s cyberattack to LockBit – a Russian ransomware group that was also behind at least 22 per cent of all such digital breaches in Canada last year, according to the country’s intelligence agency, the Communications Security Establishment.

LockBit had given Pelmorex a deadline for Sept. 24 before publishing the company’s data on the dark web. The criminal group claimed it had “downloaded a lot of databases” from Pelmorex’s network, including codes to its internal servers.

But Karen Kheder, director of communications and administration at Pelmorex, said in a separate statement that this leaked data was only “publicly available” information. That includes weather alerts, archived forecasts, station codes and other similar details, she said.

Alert Ready, which is Canada’s national warning system for emergencies such as child abductions and is operated by Pelmorex, was not affected by the breach, Ms. Kheder said. She added that Alert Ready’s technical infrastructure operates separately from Pelmorex. Joanna Kanga, press secretary for Emergency Preparedness Minister Harjit Sajjan, said “authorized government officials have been able to issue alerts as required.”

The Office of the Privacy Commissioner of Canada has reached out to Pelmorex to learn more about its breach and “determine whether personal information has been compromised,” said Vito Pilieci, the OPC’s senior communications adviser, in a statement. “We have not yet received a reply or a breach report from the company.”

The RCMP declined to comment on the matter.

Follow related authors and topics

Authors and topics you follow will be added to your personal news feed in Following.

Interact with The Globe