[BreachExchange] Bell Canada hacked: 2m account details swiped by mystery miscreants

Audrey McNeil audrey at riskbasedsecurity.com
Tue May 16 20:44:52 EDT 2017


https://www.theregister.co.uk/2017/05/16/bell_canada_
quieting_fears_post_data_heist/

Bell Canada said Tuesday 1.9 million customer account details were swiped
by hackers – although stressed no payment card numbers or passwords were
slurped.

The nation's largest telco said it is working with Canadian police to
figure out who was responsible for the disclosure of the customer email
addresses, and phone numbers and names of another 1,700 people.

"There is no indication that any financial, password or other sensitive
personal information was accessed," Bell Canada said in its brief statement
on the matter.

"This incident is not connected to the recent global WannaCry malware
attacks."

Serving around 21 million customers in the Great White North, Bell Canada
offers both fixed line and wireless phone service, as well as internet and
television. The carrier reported revenues of $5.38bn CAD ($3.96bn USD) in
their last fiscal quarter.

Bell Canada did not say whether the customer details stolen in the attack
were pulled from a specific service.

The Canadian Privacy Commissioner's office has said it is also gathering
data about the hack.

"We apologize to Bell customers for this situation and are contacting those
affected directly," Bell Canada said. "Bell took immediate steps to secure
affected systems. The company has been working closely with the RCMP cyber
crime unit in its investigation and has informed the Office of the Privacy
Commissioner."

This isn't the first time Bell Canada has been tied to privacy concerns. In
2015, the telco was the focus of a privacy investigation over complaints
about its use of tracking tools without customer consent.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20170516/99f826da/attachment.html>


More information about the BreachExchange mailing list