Bell Canada advised some of its customers on Tuesday that their personal information may have been hacked.
The Royal Canadian Mounted Police (RCMP) confirms that it is currently investigating this matter, but can not provide further details. The company has also advised the Office of the Privacy Commissioner of Canada that this data “has been compromised”.
“less than 100,000 customers” are affected, according to a spokesman of the company. There is no indication for the moment that the hacker was able to access financial data or passwords, we advance.
This is the second time in eight months that Bell has been advising customers of a leak of personal information. This telecommunications company, among the leading in the country, had revealed in May 2017 that a hacker had illegally obtained 1.9 million active email addresses and about 1700 active names and phone numbers.
Possible uses of information
“They are aware of the security breach, which is in itself a good sign,” says Montreal biosafety researcher Olivier Bilodeau.
It’s impossible to know if this particular attack will have or has any consequences. Bilodeau does not hide, however, that hackers steal most of the information for malicious purposes. “Accumulating as much information is not often for legitimate uses, indeed,” he says, commenting on cases that are multiplying.
Mr. Bilodeau, who works for GoSecure, explains that an email can for example become a kind of point of infection. The hacker can use them “in targeted attack campaigns” to simulate the source of an email for example and phishing a person to extract more information.
In September 2017, we learned that the Equifax credit reporting agency exposed the personal data of approximately 100,000 Canadians and 145 million Americans due to an uncorrected security breach. In November, it was Uber’s turn to make the headlines, a target of massive piracy involving up to 57 million people worldwide.
“A significant number of privacy breach reports” have been forwarded to the Office of the Privacy Commissioner of Canada in the last two fiscal years.
This number should also increase when private companies are forced to warn their customers of security breaches that threaten their personal data. Only Alberta requires it at the moment.
Nearly three years after the new Digital Privacy Act, Ottawa has not completed the development of specific regulations for privacy breach notification and record keeping requirements.
Doris’s passion for writing started to take shape in college where she was editor-in-chief of the college newspaper. Even though she ended up working in IT for more than 7 years, she’s now back to what he always enjoyed doing. With a true passion for technology, Doris mostly covers tech-related topics.