A leading cyber-crime expert says foreign hackers who launched a massive attack on Canadian government computers last fall also broke into the data systems of prominent Bay Street law firms and other companies to get insider information on an attempted $38-billion corporate takeover.

Daniel Tobok, whose international cyber-sleuthing company was called in by a number of the firms hit by the attacks, says the hacking spree from computers in China were all connected to last year's ultimately unsuccessful takeover bid for Potash Corporation of Saskatchewan.

"All those different attacks on companies, law firms and government were all interconnected — they weren't isolated incidents," he said in an interview with CBC News.

The cyber-forensics guru with prominent clients around the world calls the assault on Canadian companies and the government "one of the biggest attacks we have ever seen."

Tobok said hackers penetrated the computer systems of at least seven of Canada's leading law firms in what experts believe was an attempt to mask the real target of the attacks — the few firms directly involved in the aborted Potash deal.

The foreign hack-attack on Canadian law firms was "very sophisticated and highly targeted," he said.

The hackers appeared to have been hunting exclusively for information on the Potash deal, and there was no evidence they had penetrated the confidential files of other clients of the firms affected.

"I think the law firms did a pretty good job in dealing with this attack … and no other clients were harmed. I mean this was not a fishing expedition to download all of the law firms' client files."

One of the law firms representing PotashCorp in the deal is Bay Street's legendary Stikeman Elliott.

In a prepared statement, the firm told CBC News it is "aware of the threat posed by hackers, as well as by viruses, malware and other means of infiltrating computer systems.

"Accordingly, there are safeguards, audit processes and other measures in place that we believe to be appropriate.

"We cannot comment on client matters specifically, but can say that we are not aware of any compromised client information as a result of our systems being breached."

In a similar statement, another prominent law firm involved in the Potash deal, Blake, Cassels & Graydon, said it was "not aware of any compromise of client information as a result of any attempt to breach our systems."

"We take our obligations of confidentiality to our clients and the integrity of our systems very seriously," the firm said.

Tobok said, at first, no one investigating the Potash cyber-attacks connected the dots between the widespread attack on the government and similar invasions of the law firms and other companies.

He said his company was first called in to investigate a series of odd computer glitches at one of the firms hit in the attacks.

"We received a direct call just like we do every other day, (saying) 'I think that we have a problem here. Here is what is happening. Can you guys come and take a look at it?'

"And nobody knew the severity of the issue or what was happening. They were just noticing that they had a problem."

That was not long after the giant Australian resources conglomerate BHP Billiton had launched its ultimately unsuccessful bid for Potash Corp in August 2010, and several months before the federal government revealed its own computers had been hacked.

Over the ensuing few months, Tobok's company got similar calls from at least two other firms, and that's when his investigators began to notice a pattern.

"While there are hundreds of attacks a year, there were certain things about those attacks that had a certain signature on them that made it all connected," he said.

Tobok says eventually investigators "at a very high level" were able to match that signature to the attacks on the federal government.

The Conservative government finally stepped in and killed the whole Potash deal, but not before federal computer systems had taken the hardest cyber-hit of all.

The hackers' successful penetration of the Canadian government computers forced federal security officials to shut down of all internet connections to the federal Finance Department and Treasury Board, along with Defence Research and Development Canada — an agency of the Department of National Defence — in an attempt to prevent the further theft of sensitive data.

Story continues