Canada Post informs 44 large business customers of data breach affecting 950K customers

CANADA

Canada Post informs 44 large business customers of data breach affecting 950K customers

CTVNews.ca

Published Wednesday, May 26, 2021 11:22AM EDT

Mail boxes are seen at Canada Post's main plant in Calgary, Alta., Saturday, May 9, 2020, amid a worldwide COVID-19 pandemic. THE CANADIAN PRESS/Jeff McIntosh

Text:

TORONTO -- Canada Post has informed 44 of its large business customers that information relating to more than 950,000 customers was compromised after one of its suppliers fell victim to a malware attack late last week.

On Wednesday, the postal agency announced that Commport Communications, an electronic data interchange solution supplier, had notified them that manifest data held in their systems, which are associated with Canada Post customers, had been 鈥渃ompromised鈥� in an attack on May 19.

Commport Communications is used by Canada Post to manage the shipping manifest data of large parcel business customers.

鈥淪hipping manifests are used to fulfill customer orders. They typically include sender and receiver contact information that you would find on shipping labels, such as the names and addresses of the business sending the item and the customer receiving it,鈥� Canada Post said in a press release.

The postal service said that, after a 鈥渄etailed forensic investigation,鈥� there is no evidence that any financial information was breached.

The investigation into the impacted manifests also found:

The information is from July 2016 to March 2019
The vast majority (97 per cent) contained the name and address of the receiving customer
The remainder (3 per cent) contained an email address and/or phone number

Canada Post said Commport Communications notified Innovapost, the postal agency鈥檚 IT subsidiary, of a potential ransomware issue in November 2020. However, an investigation at the time didn鈥檛 turn up any evidence to suggest customer data had been compromised.

鈥淲e are now working closely with Commport Communications and have engaged external cyber security experts to fully investigate and take action,鈥� Canada Post said.

The postal service added they have proactively informed impacted business customers and have provided them with the information and support to help them 鈥渄etermine next steps.鈥�

The Office of the Privacy Commissioner has also been notified, Canada Post added.

While the breach occurred at one of their suppliers, Canada Post said they 鈥渟incerely regret鈥� the inconvenience to their customers and they take cyber security 鈥渧ery seriously.鈥�

鈥淐anada Post will also incorporate any learnings into our efforts, including the involvement of suppliers, to enhance our cyber security approach which is becoming an increasingly sophisticated issue,鈥� the agency said.

Report an error Editorial standards and policies Why you can trust CTV News

MORE 麻豆影视 FROM CANADA

Luck of the draw: N.L. ads to be featured in match against football giants Chelsea

CTVNews.ca Top Stories

Don't Miss

false

Paleontologists in B.C. unearth 60 million-year-old fossil

false

Getting into the spooky season with 'Pumpkins After Dark'

false

Vets find way forward through improv, writing after serving

LISTEN TO THE LATEST

Listen and subscribe to get a daily fix on the latest political news and issues.
Listen and subscribe to get a weekly update with the newsmakers who matter.
A public opinion podcast

A check-in on the public mood of Canadians with hosts Michael Stittle and Nik Nanos.

麻豆影视

Canada Post informs 44 large business customers of data breach affecting 950K customers

Text: