The Toronto Transit Commission was recently a target of a very large cyber breach which led to service shut down as well as compromised employee data. The ransomware attack was discovered by their IT team through unusual network activity, at that time the effect of the attack seemed very minimal but quickly took a turn by midday the next day. The Chief of Security has not released details on how the breach occurred but had shared that the attack was done by “an extremely well-organized enterprise”. To properly secure the system, the Toronto Transit Commission relied on encrypting and locking servers. The Commission had confirmed that personal information for 25,000 current and previous employees had been stolen. The information taken includes name, address as well as social insurance numbers. At this time they have not been able to confirm whether any client personal information has been accessed. These ransomware attacks continue to be a growing issue for organizations and are being treated seriously and investigated by national security agencies and law enforcement.