{"id":216701,"date":"2026-05-19T14:03:00","date_gmt":"2026-05-19T18:03:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/05\/19\/developer-breaches-newmarket-website-for-resident-data-urges-better-cybersecurity\/"},"modified":"2026-05-19T15:10:12","modified_gmt":"2026-05-19T19:10:12","slug":"developer-breaches-newmarket-website-for-resident-data-urges-better-cybersecurity","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/05\/19\/developer-breaches-newmarket-website-for-resident-data-urges-better-cybersecurity\/","title":{"rendered":"Developer breaches Newmarket website for resident data, urges better cybersecurity"},"content":{"rendered":"<p><a href=\"https:\/\/www.newmarkettoday.ca\/local-news\/developer-breaches-newmarket-website-for-resident-data-urges-better-cybersecurity-12289985\">Developer breaches Newmarket website for resident data, urges better cybersecurity<\/a><\/p>\n<p><a href=\"https:\/\/www.newmarkettoday.ca\/local-news\/developer-breaches-newmarket-website-for-resident-data-urges-better-cybersecurity-12289985\">https:\/\/www.newmarkettoday.ca\/local-news\/developer-breaches-newmarket-website-for-resident-data-urges-better-cybersecurity-12289985<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-05-19 14:03:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.newmarkettoday.ca\">www.newmarkettoday.ca<\/a><\/p>\n<p>Author: <a href=\"\"><\/a><\/p>\n<p> Using an unordered list, summarize the following article with between 4 and 8 key points. Town confirms 24 records were accessed, and that security issues have been addressed<br \/>\n        Newmarket resident and software developer Daryl Burke said he was exploring the winter parking ban on the Town of Newmarket website when he noticed the security was amiss.Burke, who also does online security research, said he could tell the website was vulnerable. He found he was able to access the private information of residents \u2014 and knew more malicious hackers could have done the same.Burke said addressing the issue with the town has been frustrating, and he questioned how much they\u2019re taking responsibility for the vulnerability.\u201cEvery community from the town (says) we follow industry standard,\u201d he said. \u201cThey\u2019re hiding behind those statements when in reality there are massive holes.\u201dThe breach occurred March 20. Burke said the town\u2019s website \u2014 which has since been updated and restructured \u2014\u00a0had a vulnerability that was easy to expose in the scripting language, with the parking system using \u201csequential, predictable account numbers\u201d and the back-end not checking whether the person asking for an account record was entitled to see it.Burke said the vulnerability likely existed for an extended time. He said this could be an issue, given threats like the Canadian Centre for Cyber Security bulletin warning about state-sponsored Chinese cyber actors targeting all levels of government for cyber espionage in a 2024 bulletin.\u201cThe Cyber Centre encourages provincial, territorial, Indigenous, and municipal governments, as well as Indigenous governance organizations, to bolster their awareness of and protection against sophisticated cyber threat activity,\u201d the federal cybersecurity bulletin said.With the town not having log data for website access going back longer than 90 days, there is no way to be certain if someone else may have access to other residents&#8217; information without informing the town, as he did, he said.Also at issue was that the back-end server systems were years out of date, Burke said, making them more vulnerable to attack without more recent updates.The deficiencies in the system \u201ccompose into a functional attack chain that any moderately capable adversary could have executed,\u201d Burke said.The town said it immediately engaged with its third-party administrator to investigate and secure the system after the breach, resolving the misconfiguration.\u201cThe town also conducted a manual review and determined that a limited amount of non-sensitive personal information was accessed without authorization,\u201d the municipality said. \u201cHaving recently confirmed the 24 records accessed, the town is in the process of notifying the individuals directly.\u201dThe town further said it has reported the matter to the Office of the Information and Privacy Commissioner of Ontario.The municipality said it is aware of Canadian Centre for Cyber Security advisories warning of vulnerabilities affecting certain websites. The town said it has identified vulnerabilities prior to the issuance of advisories and taken appropriate steps.<\/p>\n<p>\u201cSpecifically, interim security measures were implemented to secure and monitor the system on an ongoing basis until it could be fully replaced as part of the Town\u2019s planned website modernization initiative. The Town did not experience any security issues occurring during this period,\u201d the municipality said.The town now has a new website in place, which it said is from a third-party provider specializing in cybersecurity.\u201cThe town continues to actively monitor its digital services and applies regular security updates and enhancements to safeguard its systems and protect the information under its control,\u201d the municipality said.Burke said he has struggled getting satisfactory responses from the town from his perspective, with the town denying accountability and not responding to all his concerns regarding security processes being followed.He said he is complying with town&#8217;s instructions to provide the data taken and delete all copies, not intending to do anything with it, though he said that process has also been drawn out.He said the rise of artificial intelligence makes cybersecurity even more important for municipalities. AI tools have made it easier to attack systems, he said, for which municipalities have to be getting ready.\u201cIt makes the hackers 10 times more effective in breaking into these systems,\u201d Burke said. \u201cThis storm is coming, and municipalities and companies need to be proactive. They need to educate themselves.\u201dThe town said cyber incidents are an ongoing reality for all organizations.\u201cWith this matter, the town responded quickly and thoroughly, and as part of our cybersecurity program, we engage third\u2011party experts to ensure we maintain industry best standards,\u201d the municipality said. \u201cWe continue to strengthen our systems and monitoring capabilities as part of our ongoing commitment to protecting information.\u201d<\/p>\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Developer breaches Newmarket website for resident data, urges better cybersecurity https:\/\/www.newmarkettoday.ca\/local-news\/developer-breaches-newmarket-website-for-resident-data-urges-better-cybersecurity-12289985 Publish Date: 2026-05-19 14:03:00&#8230;<\/p>\n","protected":false},"author":1,"featured_media":216702,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.vmcdn.ca\/f\/files\/newmarkettoday\/images\/politics\/20260515-burke-jq.png;w=1000;h=1000;mode=crop","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,20,30,24,27],"class_list":["post-216701","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-artificial-intelligence","tag-breach","tag-cybersecurity","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/216701"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=216701"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/216701\/revisions"}],"predecessor-version":[{"id":216703,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/216701\/revisions\/216703"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/216702"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=216701"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=216701"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=216701"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}