Menu
Browse

Cyber Incident Victim: Bell Canada

Date:

May 2017

Location:

Canada

Summary

Bell Canada reported that hackers accessed approximately 1.9 million customer records, obtaining email addresses, phone numbers, and names, while also exposing contact information for an additional 1,700 individuals. The company stated that no financial data, passwords, or payment card numbers were compromised and that the breach was unrelated to the WannaCry ransomware outbreak. The company worked with the RCMP cyber crime unit, informed the Office of the Privacy Commissioner, and notified affected customers directly.

CIA Posture Motives Tactics, Techniques & Procedures
Available to members 1 motive 2 techniques
Threat Actors Type Location
0 actors Available to members Available to members

Description

On May 16 2017, Bell Canada announced that approximately 1.9 million customer account details had been accessed by unknown attackers. The telco stated that the compromised data did not include payment card numbers, passwords, or other financial information. In addition to the larger set, the breach exposed email addresses, phone numbers, and names for a further 1,700 individuals. Bell Canada serves roughly 21 million customers across fixed line, wireless, internet and television services. The company reported quarterly revenues of $5.38 billion CAD at the time of the disclosure. Bell Canada said there was no indication that any sensitive personal information beyond the disclosed contact details had been accessed. The carrier explicitly noted that the incident was unrelated to the global WannaCry ransomware campaign.

Cyber Incident Image

Following the discovery, Bell Canada said it was working with Canadian police to identify those responsible. The company reported that it had taken immediate steps to secure the affected systems. Bell Canada stated it was working closely with the RCMP cyber crime unit in its investigation. The telco also informed the Office of the Privacy Commissioner of Canada about the breach. Bell Canada issued an apology to its customers and began contacting those whose data had been exposed directly.

Sources
Sources available to members
1 source