The AGO says it suffered a “cyber security incident” in September.

The Art Gallery of Ontario says it experienced a “cyber security incident” in its computer systems in September that may have resulted in a third party gaining unauthorized access to some customer information.

In a statement and email to its members, the art gallery confirmed that an unauthorized third party had accessed its internal shared server, but added that “the vast majority of customer data and credit card information was not affected.”

The gallery said it was notifying customers who may have been affected after being advised to do so by legal and security experts, as well as in accordance with privacy laws.

In an email to members, the AGO said the hack affected its systems between September 9 and 18. It added that security experts had conducted an investigation to “get a better understanding of the scope” of the breach.

Members are urged to be on the lookout for suspicious activity

The AGO encourages members to remain vigilant and take steps to prevent phishing, identity theft and fraud. Members are encouraged to monitor their accounts and account statements to watch for suspicious activity.

The art gallery said it will take steps to strengthen its computer systems, which may include implementing new authentication measures.

“We deeply regret that this incident happened. The security of your data is of the utmost importance to us, and we remain committed to protecting it,” the AGO said in an email.

“Despite our best efforts, the AGO was not immune to the cyber security incident that affected so many public and private sector organizations in Canada.”

Anyone with questions can contact the AGO at [email protected] or (416) 979-6608.