- HPE, 2,500여 일자리 줄인다··· 유력한 원인은 '서버 매출 부진'
- 레이벤 메타가 AI 스마트 안경 시장 열었다··· 2024년 글로벌 시장 210% 성장
- They said I couldn't find a high-quality multitool for under $30 - but this one's a winner
- I compared the viral $50 earplugs with my $300 sleep earbuds - here are the results
- This Android phone that doubles as a projector will make any tech enthusiast smile
Data Breach at Canada Post
Canada’s primary postal operator, Canada Post, confirmed Wednesday that it has suffered a data breach.
The security incident occurred following a cyber-attack on one of the Crown corporation’s suppliers, Commport Communications, which provides electronic data interchange solutions.
Commport Communications was hired by the postal service to manage the shipping manifest data of its large parcel business’ customers.
Following the cyber-attack, Canada Post has informed 44 of its commercial customers that data belonging to more than 950,000 customers has been compromised.
Commport Communications notified Canada Post that manifest data stored in its systems had been exposed in a malware attack on May 19.
“Shipping manifests are used to fulfill customer orders. They typically include sender and receiver contact information that you would find on shipping labels, such as the names and addresses of the business sending the item and the customer receiving it,” said Canada Post on Wednesday in a press release.
The corporation said that exposed information dates from July 2016 to March 2019 and that most of it (97%) contains the name and address of the receiving customer. The customer’s email address and/or phone number were included in 3% of the compromised data.
Canada Post said that a detailed forensic investigation into the data breach had not turned up any evidence of financial information’s being compromised.
“We are now working closely with Commport Communications and have engaged external cybersecurity experts to fully investigate and take action,” Canada Post said.
Though the breach hit Canada Post customers via an attack on a supplier, the corporation said they “sincerely regret the inconvenience this will cause our valued customers” and have notified the Office of the Privacy Commissioner.
“Canada Post respects customer privacy and takes matters of cybersecurity very seriously,” said the corporation.
The postal operator added that it will “incorporate any learnings into our efforts, including the involvement of suppliers, to enhance our cybersecurity approach which is becoming an increasingly sophisticated issue.”
Last November, Commport Communications notified Innovapost, the IT subsidiary of Canada Post, of a potential ransomware issue. An investigation found no evidence to suggest any customer data had been compromised.
