Personal information of about 2.4 million voters living in 20-25 electoral districts is missing, confirms Elections Ontario boss Greg Essensa.

Two USB keys containing names, addresses, genders, birth dates and whether an elector voted in the last election — as well as any other personal information updates provided by electors — vanished at the end of April, Essensa, the Chief Electoral Officer, told a Queen’s Park press conference on Tuesday.

The Ontario Provincial Police have been called in to investigate the breach and the two employees responsible for losing the keys have been let go, Essensa told reporters.

However, questions are being raised as to why Elections Ontario waited so long before informing the public. And, experts are warning the public to be wary of identity theft.

It is troubling that Essensa was informed of the possible situation on April 27 but the public wasn’t informed until mid-July, said New Democratic MPP Jagmeet Singh.

“Privacy is one of our most important interests,” Singh said. “It’s protected by the Charter of Rights and Freedoms. All Ontarians deserve to know that their information is kept private particularly by Elections Ontario.”

If an incident happens several months ago, it is “incumbent on those responsible to release that information immediately,” added Singh (Bramalea—Gore—Malton.)

It’s definitely worth questioning what Elections Ontario felt they had to additionally learn from April to mid-July, said Progressive Conservative MPP Sylvia Jones (Dufferin—Caledon). “But obviously I am pleased they acted,” Jones said. “Most importantly is what do you do differently to make sure this doesn’t happen again?”

Ontario’s Information and Privacy Commissioner Dr. Ann Cavoukian was told of the issue on July 5 and she advised Elections Ontario to tell the public immediately. Her office is also investigating.

Cavoukian is “deeply concerned a breach of this extent, the largest in Ontario history, involving millions of individuals, could happen at Elections Ontario, the agency charged with protecting the integrity of our electoral process.”

Premier Dalton McGuinty was informed of the problem on Monday. Speaking in Guelph, he called it unfortunate and while they must “take these privacy matters very seriously,” the chief electoral officer needs to take the lead and assure the public it won’t happen again.

To access the data on the USB keys someone would need special Elections Ontario software, Essensa noted.

“Let me be clear, there is no evidence that copies of personal information on two USB keys have been improperly accessed,” he said.

Members of the public are being asked to call 1-888-ONT-VOTE (668-8683) if they have any questions or fear something is amiss. The breach affects 20 to 25 of the 107 electoral districts in the province.

The public should “monitor personal transaction statements” from governments, financial institutions and businesses and if they suspect something is amiss, they should contact those organizations immediately, Essensa said.

Elections Ontario didn’t release this information earlier because they have had difficulties defining the scope of the problem.

“I did not want to make an irresponsible public notification or worry Ontarians needlessly,” he said. “But at this point . . . we are not able to accurately define the 20 to 25 electoral districts but we know for sure they are somewhere within 49 districts.”

The breach occurred after two employees, who were supposed to secure the keys at the end of the working day, failed to do so. The next morning when they returned to work, the keys were gone, he said.

The missing keys do not indicate how a member of the public voted. The voting process guarantees the secrecy of how one votes, Essensa said.

The good news is the data don’t contain social insurance numbers, noted Thomas Dean, an associate professor of electrical engineering at Queen’s University.

But the information could be used to try to obtain credit cards, or for other scam attempts.

“If you have somebody who is a good talker and they have a certain amount of information, there is a lot they can convince someone to do,” he said.

If someone actually does have this information they can also call you up and pretend to be someone else — such as your bank, he added. “You might be the target the other way around.”

To help avoid this, Dean suggests clicking on the Royal Canadian Mounted Police website www.RCMP-grc.gc.ca/scams-fraudes/index-eng.htm to find out how to protect yourself from identity theft.

The information breach affects 20 to 25 ridings, which are among the following electoral districts:

Essex

Etobicoke Centre

Kingston and the Islands

Newmarket—Aurora

Nipissing

Ottawa West—Nepean

Stormont—Dundas—South Glengarry

Whitby—Oshawa

Ajax—Pickering

Bruce—Grey—Owen Sound

Windsor West

York Centre

York West

Burlington

Davenport

Don Valley East

Don Valley West

Algoma—Manitoulin

Etobicoke—Lakeshore

Etobicoke North

Loading... Loading... Loading... Loading... Loading... Loading...

Haliburton—Kawartha Lakes—Brock

Ancaster—Dundas—Flamborough—Westdale

Halton

Hamilton Centre

Kitchener Centre

Kitchener—Conestoga

London—Fanshawe

London North Centre

London West

Mississauga South

Mississauga—Streetsville

Nepean—Carleton

Nickel Belt

Northumberland—Quinte West

Ottawa South

Ottawa—Vanier

Peterborough

Pickering—Scarborough East

Prince Edward—Hastings

Sarnia—Lambton

Sault Ste. Marie

Brampton West

Scarborough—Agincourt

Simcoe—Grey

Simcoe North

Brant

Timiskaming—Cochrane

Timmins—James Bay

Toronto Centre

With files from Rob Ferguson