Rogers & Fido Have Been Pwned
Over the weekend it came to light that Canadian telco Rogers and their flanker brand Fido have been pwned and customer data is out there. I first saw this here:
But Cybernews saw a lot more that should scare any current or former Rogers customer.
Attackers posted an ad on a mostly Russian-speaking hacker forum, alleging the database for sale belongs to Rogers Communications, a Canadian media behemoth providing wireless, cable, and internet services.
The ad supposedly includes three Rogers’ Active Directory (AD) databases: users, groups, and devices. Organizations use AD to connect users with network resources. Typically, AD includes critical data on the company’s environment, for example, what users can do and what devices operate within the system.
And:
Data samples of the three AD databases included in the ad, and seen by Cybernews, contain customer names and surnames, phone numbers, email addresses, locations, company names, account launch date, user device operating systems, user roles, device security status, and other sensitive data points.
While the samples attackers provided don’t include employee data, the Cybernews researcher team believes the AD could also host information on the company’s employees that use Rogers’ network resources, as this type of data is usually included in AD databases.
Threat actors put a $14,000 price tag on the three databases mentioned in the ad. The ad doesn’t specify the size of the database or the number of the company’s users it exposed.
The harm that this could cause is huge. But Rogers is downplaying the extent of this pwnage, based on this comment from the company:
“Through proactive monitoring, we identified that business contact information, such as work email addresses and phone numbers, for Rogers employees was posted on the dark web. No personal details, including banking information, social insurance numbers or passwords, were accessed or posted. Our investigation also indicates no customer information was accessed or posted,” Rogers told Cybernews.
The thing is that all of this information can be used to launch attacks on all who are affected. And Rogers in their statement doesn’t say how long the threat actors had access to their systems. The cynic in me says that it could be years, as I have personally had a threat actor use very specific information to attempt to execute a social engineering attack on my wife and me, which I posted a story about here. And that incident was in 2023. So I would not be shocked if, when all the details are made public, it turns out that the threat actors were inside Rogers’ systems for at least that long. But I am free to be proven wrong on that front. All Rogers has to do is to post what happened, how long it has been happening, and what they will do to stop it from happening in the future. It will be interesting to see if Rogers actually does that, or simply tries to sweep this under the nearest rug and hope that this goes away.
This entry was posted on March 30, 2026 at 9:25 am and is filed under Commentary with tags Fido, Hacked, Rogers.