Canada Post says 950,000 customers exposed in data breach

·1 min read
Nearly one million Canadians may have had their names and addresses exposed in a cyberattack on one of Canada Post's partners. (Darren Calabrese/The Canadian Press - image credit)
Nearly one million Canadians may have had their names and addresses exposed in a cyberattack on one of Canada Post's partners. (Darren Calabrese/The Canadian Press - image credit)

Canada's national mail carrier says a malware attack on one of its suppliers has impacted 44 of its biggest corporate customers across the country, and potentially up to nearly one million people.

Canada Post said in a statement Wednesday that one of its suppliers, Commport Communications, had its systems compromised in a cyberattack.

Commport is what's known as an electronic data interchange supplier, which means it manages the shipping manifest data of large-parcel business customers. Its system has access to information like names and addresses of senders and receivers when large parcels are shipped.

The company says 44 of the largest shippers in Canada were included, and the cyberattack got information on shipments that happened between July 2016 and March 2019.

Canada Post says 97 per cent of the information stolen was names and addresses. In three per cent of the cases, phone numbers and email addresses were taken.

No financial information was accessed, but Canada Post says some information on up to 950,000 Canadians seems to have been taken.

"We are now working closely with Commport Communications and have engaged external cybersecurity experts to fully investigate and take action," Canada Post said. "We are proactively informing the impacted business customers and providing the information and support necessary to help them determine their next steps. As well, the Office of the Privacy Commissioner has been notified."

More to come.

Our goal is to create a safe and engaging place for users to connect over interests and passions. In order to improve our community experience, we are temporarily suspending article commenting