«
»

Bell Canada Suffers Significant Data Breach

According to a press release put out by Bell today let the world know that more than 20,000 Bell small business customers have had their information put online. Here’s the details:

Bell today announced that 22,421 user names and passwords and 5 valid credit card numbers of Bell small-business customers were posted on the Internet this weekend. The posting results from illegal hacking of an Ottawa-based third-party supplier’s information technology system.

Delightful. So Bell let a third party have this data and that third party got hacked. Bell gets a #fail on that as in my opinion, data of this sort should never leave a corporation’s control. Now, Bell may be understating the impact of this hack. Here’s what the Toronto Star says:

Bell spokesperson Paolo Pasquini declined to answer questions on when the company first became aware of the privacy breach.However, hacktivist collective NullCrew,which took credit on Twitter for the attack, told followers Bell “knew the vulnerable section of the website for two weeks.”

Several weeks ago, on Jan. 14, the group also tweeted: “Successful day hacking internet service providers is successful. #NullCrew.”

That tweet was followed a day later by another one suggesting the group’s potential target: “Just had a talk with @Bell_Support, this is going to be fun.”

The website Have I Been Pwned?, which uses publicly available data to map privacy breaches, suggested the number of small business owners affected is 40,000 — not 22,421 as Bell reported. Pasquini, however, said the hacked information contained “a large number of duplicate and incomplete records.”

Now affected customers are being contacted and this is being investigated, but here’s what is important. Bell needs to explain what happened here in detail and tell it’s customers in detail how this is never going to happen again, and they need to do that quickly. But knowing Bell, that’s unlikely. Which means that if you value your privacy, you should be shopping around for another telco provider.

This entry was posted on February 2, 2014 at 6:33 pm and is filed under Commentary with tags , . You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

2 Responses to “Bell Canada Suffers Significant Data Breach”

  1. BREAKING: Bell Canada Pwned AGAIN…. Perhaps 100K Customers Affected. | The IT Nerd Says:
    January 23, 2018 at 1:08 pm

    […] year came news that Bell Canada was not only pwned by hackers, but they were the subject of an extortion attempt too. Well, it seems that they’ve been pwned again. They’ve sent a note out to affected […]

    Reply
  2. RCMP Arrests Two In Connection With The 2018 Bell Data Breach | The IT Nerd Says:
    October 9, 2019 at 12:13 pm

    […] might remember that Bell got pwned in 2018 and 2017. The first time about 100K customers were affected with names and email addresses being accessed. […]

    Reply

Leave a Reply to RCMP Arrests Two In Connection With The 2018 Bell Data Breach | The IT NerdCancel reply

Discover more from The IT Nerd

Subscribe now to keep reading and get access to the full archive.

Continue reading