Archive for February 9, 2017

Public Mobile & Freedom Mobile Engage In Epic Trolling Battle On Twitter

Posted in Commentary with tags , on February 9, 2017 by itnerd

First, let me define what “trolling” is in the context of Twitter. From Wikipedia:

In Internet slang, a troll (/ˈtrl/, /ˈtrɒl/) is a person who sows discord on the Internet by starting arguments or upsetting people, by posting inflammatory,[1] extraneous, or off-topic messages in an online community (such as a newsgroup, forum, chat room, or blog) with the intent of provoking readers into an emotional response[2] or of otherwise disrupting normal, on-topic discussion,[3] often for the troll’s amusement.

Now, something that I have been tracking for the last little while is a trolling battle between Canadian cellular carriers Public Mobile and Freedom Mobile on Twitter. Here’s a couple of examples from today that I have captured:


As you can see, Freedom Mobile is at present taking shots at Public Mobile when the latter Tweets something. But last week, things were much different. Here’s an example:


As you can see in this one, Freedom Mobile is being trolled by Public Mobile. It clearly annoyed the former enough for them to try and bring Public Mobile’s corporate parent Telus into the discussion. Though clearly that didn’t seem to calm things down. In case you’re wondering what they are talking about, Freedom Mobile recently had issues with US roaming that Public Mobile was all too happy to point out.

I question the wisdom of these two parties getting into a trolling battle as both parties might come off looking like they have a couple of teenagers living in mommy’s basement running their respective Twitter accounts not very professional in the process. While this is fun to watch, Public Mobile and Freedom Mobile may wish to simply cut it out and get back to running their respective operations. After all, I don’t choose my cell phone carrier based on their ability to troll their competition. I choose my cell phone carrier based on coverage, pricing, and customer service. On those fronts, I am not sure that any of that comes across in this exchange of insults and barbs on Twitter.


Arby’s Pwned By Malware…. Credit Card Info Swiped

Posted in Commentary with tags , on February 9, 2017 by itnerd

Today is clearly the day for hacks. The latest company to disclose that they’ve been pwned by hackers is fast food chain Arby’s. Apparently hackers used malware to swipe credit card data according to security expert Brian Krebs:

A spokesperson for Atlanta, Ga.-based Arby’s said the company was first notified by industry partners in mid-January about a breach at some stores, but that it had not gone public about the incident at the request of the FBI.

“Arby’s Restaurant Group, Inc. (ARG) was recently provided with information that prompted it to launch an investigation of its payment card systems,” the company said in a written statement provided to KrebsOnSecurity.

“Upon learning of the incident, ARG immediately notified law enforcement and enlisted the expertise of leading security experts, including Mandiant,” their statement continued. “While the investigation is ongoing, ARG quickly took measures to contain this incident and eradicate the malware from systems at restaurants that were impacted.”

Arby’s said the breach involved malware placed on payment systems inside Arby’s corporate stores, and that Arby’s franchised restaurant locations were not impacted.

I really don’t think anyone knows the difference between franchised and corporate locations and as a result customers will steer clear of both. But the use of malware to swipe credit card data isn’t new. Just ask Home Depot who got hit by this a while back. But these attacks are clearly on the rise and companies need to ensure that they are defending themselves against this threat.

Canadian Tire Website Pwned By Hackers

Posted in Commentary with tags , on February 9, 2017 by itnerd

Today is a bad day for Canadian retailers. Apparently Canadian Tire joins Loblaw in being pwned by hackers as the former has apparently shut down customer access to their online accounts because of a hack. Global News has the details:

“We recently noticed unusual traffic on our website and suspended customer sign-in capabilities while we investigate,” said Canadian Tire communications manager Stephanie Nadalin.

Since the beginning of the week, customers trying to access their points and credit card information on their computers have been greeted with the following message:

“Our sign-in option is temporarily unavailable and we are working to resume services as soon as possible. We apologize for the inconvenience.”

So unlike the Loblaw hack where it appears that customers told the company that they had been pwned, Canadian Tire appears to have detected that something weird was going an and shut everything down. That’s the way things should work. But that doesn’t mean that all is right in the world. This hack could have started yesterday or two years ago and they only noticed now. And given the that their site has been inaccessible for days, I’m pretty sure they don’t know what the extent of the hack is. Hopefully Canadian Tire is transparent about all these details when they have a full assessment so that they can reassure their customers that their information is safe or “safe.”

Loblaws PC Plus Rewards Systems Pwned…. I Need To Change My Password

Posted in Commentary with tags , on February 9, 2017 by itnerd

Groceries are not cheap these days. So my wife and I shop at Loblaw where we can earn points on specific groceries that we by which we can then redeem to buy groceries. There have been times where we have redeemed enough points to not have to pay a cent for weeks worth of groceries. That seems like a good deal. Until I woke up this morning and found that the systems that run PC Plus rewards have been hacked. Here’s the details:

Loblaw is warning PC Plus rewards collectors to beef up their passwords after points were stolen from some members’ accounts.

“We are treating this as a breach as individual member accounts were accessed and points were stolen,” said Kevin Groh, the company’s vice-president of corporate affairs and communication, in a statement.

The breach stems from people using favourite or weak username and password combinations across multiple sites, he said.

These combinations were stolen from other sites and used to access PC Plus accounts, according to Groh.

Okay. I will admit that people reusing passwords is a #fail waiting to happen. But this statement does have a bit of a “blame the victim” slant to it as their intrusion detection systems should have been able to detect unusual activity. Assuming that one was in play of course. The way this story reads, it seems like Loblaw found out about this when PC Plus members lost points and told the company. That’s a scenario that should never happen. In the meantime, if you’re a member of PC Points you should change your password to something unique and strong and check your points balance to see if you too have been pwned. I’m advising my wife to do that right now.

UPDATE: I would also strongly recommend that you check to see if there are additional cards on your PC Points account. Reports are now starting to surface that people who have lost points have found additional cards on their accounts. Clearly this is how the points are being stolen.

UPDATE #2: This apparently has been an ongoing issue for Loblaw. Many thanks to “Lisa” who directed me towards this thread on Red Flag Deals that indicates that this hack started late last year. Clearly Loblaw has some explaining to do as they really should have been up front with the public long before now.