Bell Canada Breach Hits Nearly Two Million Customers

Bell Canada has become the latest big name brand to suffer a major data breach, after admitting that a hacker has illegally accessed personal info on as many as 1.9 million customers.

Canada’s largest telco revealed that email addresses, customer names and/or telephone numbers were part of the haul, although the firm claimed there “is no indication” that financial, password or “other sensitive personal information” had been taken.

The breach may not be quite as bad as it sounds, because although 1.9 million active email addresses were compromised, the hacker was apparently only able to access around 1700 names and active phone numbers.

However, that could still expose customers to follow-on phishing attempts if the data has made its way onto the dark web.

Reports suggest the hacker has already dumped some of the stolen information online after Bell Canada refused to pay a ransom.

Phishing activity has seen a huge spike over the past year, according to Verizon’s latest Data Breach Investigations Report.

It was present in 21% of attacks last year, up from just 8% during the previous reporting period.

This isn’t the first time Bell Canada has been targeted by hackers.

In 2014, the firm admitted that 22,421 user names and passwords had been exposed in an incident which hacking collective NullCrew claimed responsibility for.

Bell Canada was at pains to point out that the new breach had nothing to do with the WannaCry ransomware epidemic sweeping the globe over the past few days.

It claimed to have taken immediate steps to secure its systems and said it’s working closely with the Royal Canadian Mounted Police cybercrime unit and has informed the Office of the Privacy Commissioner.

What’s Hot on Infosecurity Magazine?