Bell Canada Data Breach Affects Up to 100,000 Customers
Bell Canada, one of the largest telecommunications company in the country, became the victim of a data breach after attackers managed to gain illegal access to its database. This occurred eight months after a similar incident resulted in the information theft of 1.9 million customer emails.
This new data breach, although smaller in scope—affecting only up to 100,000 customers—is still problematic for the affected customers as the hackers managed to gain access to personally identifiable information. The exposed information include names, e-mail addresses, phone numbers, user names, and account numbers—all of which could be sold in underground markets and used for malicious activities.
The company sent an email to the customers affected by the breach, noting that additional security measures and identification requirements have been added for greater protection. In addition, Bell Canada also mentioned that they were working with the Royal Canadian Mounted Police (RCMP) and other law enforcement agencies to investigate the hack. The company advised users to review their accounts for suspicious activity, as well as change their passwords and security questions to avoid information theft.
Details of the attack itself were not publicly available at the time of publication.
At a time when data breaches are seemingly at an all-time high, organizations must ensure that they install the necessary security measures and practice proper mitigation techniques to protect both their data, as well as their customer’s data.
Steps organizations can take to protect their data include:
- Patch systems and networks regularly: Updates can help prevent cybercriminals from exploiting vulnerabilities in unpatched and outdated software
- Implement proper security measures and processes: Creating an efficient security process can help IT professionals quickly identify when and where data breaches occur. Regularly security audits also ensure that all systems connected to the organization’s network are accounted for.
- Educate employees: Educating employees about the threats and tactics attackers use can help them identify threat situations and act on them when they happen.
- Create contingencies: In case of an actual data breach, organizations need to implement an effective disaster recovery plan to address not only the attack itself, but also the concerns of the people affected. This includes disclosure strategies, mitigation steps, and working with law enforcement agencies. People working within the organization should also be informed of these contingency plans.
Individual users can also help secure their data from their own end by securing their own accounts. As suggested by Bell Canada, changing passwords and security questions on a regular basis will highly decrease the likelihood that attackers will gain access to their accounts. They can also look into setting up two-factor authentication (2FA) for their accounts, which will add a higher level of security than that offered by regular username and password-type credentials.
Trend Micro Solutions
Organizations that hold a large amount of customer data should also consider strong security solutions that are ideal for protecting against data breach attacks such Trend Micro™ Deep Discovery™, which provides detection, in-depth analysis, and proactive response to attacks using exploits and other similar threats through specialized engines, custom sandboxing, and seamless correlation across the entire attack lifecycle, allowing it to detect data breaches quickly and accurately. These solutions are powered by XGen™ security, which provides a cross-generational blend of threat defense techniques against a full range of threats for data centers, cloud environments, networks, and endpoints. Smart, optimized, and connected, XGen™ powers Trend Micro’s suite of security solutions: Hybrid Cloud Security, User Protection, and Network Defense.
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.
- Ransomware Spotlight: TargetCompany
- Email Threat Landscape Report: Cybercriminal Tactics, Techniques That Organizations Need to Know
- Preventing an Imminent Ransomware Attack With Early Detection and Investigation
- Inside the Halls of a Cybercrime Business
- Securing Cloud-Native Environments with Zero Trust: Real-World Attack Cases