Hackers who infiltrated TransLink's computer network earlier this month may have copied employees' banking information, the transit provider revealed Thursday.
The extent of the breach is still under investigation, but TransLink has recommended that employees sign up for two years of credit monitoring as a precaution.
"Unfortunately for our employees it does appear this group, or these hackers, have accessed a server containing payroll information and they may have copied some of those files," TransLink spokesperson Ben Murphy said.
The server contains payroll information for employees of Coast Mountain Bus Company, TransLink and Transit Police, including bank account details and, in some instances, social insurance numbers.
TransLink said it will be paying for employees' credit monitoring for a full two years.
Murphy noted that customer payment information is not stored on any TransLink servers, meaning members of the public were not impacted.
"The good news for customers in all this is TransLink does not store or have access to any customer Compass fare payment information. That's held by a third party elsewhere," Murphy said.
TransLink is still working to identify exactly how many employees may have been impacted, and what information may have been taken. Murphy said employees will be notified as more information is gathered.
The cyberattack was discovered on Dec. 1, which prompted TransLink to temporarily disable a number of payment services and the trip planning tool.