The telco giant Bell Canada was the victim of a security breach that exposed roughly two million customer account details.
The long string of data breach continues, while I’m writing about the intrusion in the systems of the technology provider DocuSign, another incident made the headlines, this time the victim is Bell Canada.
The company admitted on Tuesday that 1.9 million customer account details were stolen by hackers, anyway Bell Canada confirmed that no financial data (i.e. payment card numbers) or passwords have been stolen.
Crooks are trying to blackmail the company and requested the payment of a ransom to avoid the full data leakage.
“A demand for payment was made by the hacker, but it was not paid,” Bell spokesman Marc Choma said via email to the Reuters on Tuesday. “We did not reply to their demand.”
Bell Canada it the largest telco operator in the country with more than 21 million customers, the revenues of the company in the last fiscal quarter are $5.38bn CAD ($3.96bn USD).
it already notified the incident to the Canadian police who is investigating the case. Customer email addresses and phone numbers and names of another 1,700 people have been already leaked online.
“Bell Canada today announced the illegal access of Bell customer information by an anonymous hacker. Bell has determined that the information obtained contains email addresses, customer names and/or telephone numbers.” reads the data breach notification issued by the company.
“There is no indication that any financial, password or other sensitive personal information was accessed.”
This company clarified that the data breach isn’t linked to the recent global WannaCry malware attacks.
At the time, I was writing there is no news regarding the source of the stolen data or the technique used by attackers.
The Canadian Privacy Commissioner’s office is also investigating the incident.
“We are waiting for a fuller report sometime today,” Canadian Privacy Commissioner Daniel Therrien told Reuters in a telephone interview on Tuesday, when asked if Bell Canada had followed proper procedures in responding to the cyber attack.
“We apologize to Bell customers for this situation and are contacting those affected directly,” continues the Bell Canada statement. “Bell took immediate steps to secure affected systems. The company has been working closely with the RCMP cyber crime unit in its investigation and has informed the Office of the Privacy Commissioner.”