Americas, Breach, Content

Bell Canada Hacked: 1.9 Million Customer Email Addresses Exposed?

Bell Canada, the largest communications company in Canada, has disclosed details about the illegal access of customer information by an anonymous hacker.

Approximately 1.9 million customer email addresses and 1,700 customer names and active phone numbers were exposed in the hack, according to Bell.

However, there was no indication that any financial, password or other sensitive personal information was accessed, Bell said in a prepared statement.

Bell Canada Hack: A Closer Look

According to Bell, the recent hack was not connected to the WannaCry malware attacks; the WannaCry malware attacks were used to lock thousands of computer screens in 150 countries, NPR reported.

Meanwhile, Bell has taken steps to secure its affected systems, the company stated.

Bell is working with the Royal Canadian Mounted Police (RCMP) Cybercrime Strategy unit to investigate the incident, the company indicated. It also has informed the Office of the Privacy Commissioner of Canada, Bell said.

In addition, Bell has apologized to its customers and is reaching out to those who were directly affected.

Data Breach Statistics You Need to Know

Ironically, many telecom companies are warning customers about the threat landscape. The Verizon "2017 Data Breach Investigations Report" provided insights into the global data breach landscape, and some of the report findings included:

  • 75 percent of data breaches were perpetrated by outsiders, followed by internal parties (25 percent).
  • 62 percent of data breaches involved hacking, and 51 percent involved malware.
  • Financial services organizations (24 percent) were the top victims of data breaches, along with healthcare organizations (15 percent) and public sector organizations (12 percent).

Moreover, the Verizon report revealed many organizations continue to rely on outdated cybersecurity systems.

How to Manage Cyber Threats

Verizon recently offered the following recommendations to help organizations manage cyber threats:

  • Leverage log files and change management systems to identify the early warning signs of a data breach.
  • Empower employees with cybersecurity training that teaches them how to identify data breach warning signs.
  • Ensure only employees who require access to secure systems to do their jobs have access to these systems.
  • Use software patches as needed.
  • Encrypt sensitive information.
  • Utilize two-factor authentication.
  • Incorporate physical security measures.

Also, Verizon recommended IT teams look beyond "basic" cybersecurity measures to detect and address cyber threats.

"Your IT team should have a thorough understanding of the threats your organization faces," Verizon noted in a prepared statement. "Cybercriminals are using all the information they can get hold of to up their game. So should you."

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.