It's an "unprecedented" breach of privacy in the province and possibly in Canada, said Ontario's Privacy and Information Commissioner Ann Cavoukian.
"That's a huge number. That's larger than the size of most provinces," she said. "It is quite massive in its scale."
Two memory sticks that went missing in April contained copies of personal information collected from up to 2.4 million voters in 20 to 25 ridings, said Greg Essensa, Ontario's chief electoral officer.
But since Elections Ontario doesn't yet know which ridings from a pool of 49 were affected, they've had to warn millions more about the breach, he said.
The data wasn't encrypted or password protected, contrary to the agency's policy, Essensa said. It can't locate the sticks, which were not stored securely in the locked location where they were supposed to be.
The USB keys contained the names, birth dates, addresses and gender of voters, he said. They also have information about whether an individual voted in last fall's election — but not how they voted — and any other personal information updates provided by electors during that time.
The data doesn't include social insurance numbers, health card or driver's licence information, phone numbers, email addresses, credit card or banking information, he said.
However, the information can be viewed by specialized commercial software applications, as well as Elections Ontario's proprietary software, he said.
Ontario Provincial Police are investigating the breach, along with Cavoukian.
There's no evidence that the information was improperly accessed, but all voters in the 49 electoral districts that were potentially affected should monitor their personal transaction statements for any suspicious activity, he said.
"I take this matter extremely seriously and I want to sincerely apologize to all Ontarians for any concern that this notification may cause," Essensa said.
He said he found out about the privacy breach on April 27. Cavoukian said she was notified July 5.
The incident is "deeply, deeply disturbing," given her repeated warnings about securing personal information, she said.
Accidents can happen, which is why it's important to take precautions such as severing the personal information from the data or encrypting the data, she said.
"All of this information on upward two million Ontarians is now in the hands of God knows who," said Cavoukian, who's investigating the incident.
"And that's what upsets me because it wasn't encrypted, even though their policy was to encrypt the data."
Those affected by the privacy breach should monitor their credit card bills and other transactions for at least a year for any signs of identify theft, she said.
Elections Ontario staff didn't follow proper procedures and there are issues with management oversight, Essensa said.
However, the circumstances surrounding the privacy breach were "unusual."
Because a minority government was elected Oct. 6, Elections Ontario was required to prepare for a snap election, he said.
At the same time, the agency was also processing election documents from the fall vote as well as supplies and materials that were returned from all 107 ridings.
The Elections Ontario facility in east Toronto didn't have the space to store all the documents and materials, as well as the new ones that had been ordered in preparation for another election.
It leased another space to store the 2011 election documents and update the permanent register of electors.
According to a preliminary report, permanent staff used the USB keys on April 25, but left them unsecured at the facility. When they returned the next day, the keys were missing.
Essensa said Elections Ontario has hired a law firm and a forensic security firm to guide a full investigation. The agency plans to table a comprehensive report to the legislature by the end of the year.
It's also reviewing its policies and procedures related to privacy as well as its infrastructure and oversight.
"We have a lot of work to do," he said. "We need to regain the public's trust and confidence in Elections Ontario, and I'm extremely committed to putting in whatever measures are necessary to do that."
The two individuals who were responsible for the sticks are no longer with the agency, Essensa said.
Last month, New Brunswick's electoral office revealed that a computer containing the personal information of every eligible voter in that province had been stolen.
Two laptops were taken from the Elections New Brunswick office, one of which contained drivers' licence numbers, birth dates and phone numbers of the 553,000 eligible voters.
Premier Dalton McGuinty said he hopes Elections Ontario will provide some assurances that such privacy breaches won't happen again.
"Obviously it's unfortunate," he said in Guelph, Ont. "We've got to take these privacy matters very seriously."Suggest a correction