Friday, January 19, 2007

Recent Rash of Data Security Breaches in Canada

This is a follow-up to the Library Boy post of January 10, 2007 entitled Paper on Data Security Breach Notification.

That post discussed a white paper released by the Canadian Internet Policy and Public Interest Clinic (CIPPIC) at the University of Ottawa that called on the federal government to enact a data security breach notification law:

"Such a law would require organizations, government agencies and businesses to notify individuals when their personal information is exposed to potential theft and misuse due to a computer security breach."
Well, this week, we saw a CIBC security breach when a backup computer file with information relating to 470,000 current and former mutual fund client accounts went missing.

And then we found out that millions of credit card holders may have been exposed to fraud because of a breach at discount retailer TJX Cos., the U.S. parent of the Winners clothing retail chain.

More from:
  • Canadian Privacy Law Blog - Incidents: Rash of info breaches with Canadian connections: "This has been a crazy week for privacy breaches in Canada and the week isn't over yet. I can't recall the last time I had so many media inquiries. In addition to those below, I've been asked about two other incidents that will likely break in the next few days. (Since I heard about them from journalists, it would be rude to scoop them on the blog.)"
  • CBC Online - CIBC loses data on 470,000 Talvest fund customers: "CIBC Asset Management says a backup computer file containing information on almost half a million of its Talvest Mutual Funds clients has gone missing (...) The information may have included client names, addresses, signatures, dates of birth, bank account numbers, beneficiary information and/or Social Insurance Numbers."
  • CBC Online - Owner of Winners, HomeSense says hacker stole customer info: "Millions of credit card accounts may have been compromised after hackers stole customer information last year from computer systems of TJX Cos., the U.S. parent firm of Canadian retailers Winners and HomeSense (...) Citing unnamed sources, the Globe and Mail reported Thursday that two million Visa credit card accounts in Canada and 20 million Visa cards globally have been affected."
  • CBC Online - Be vigilant against credit card fraud, consumer group urges: "The privacy commissioner of Canada on Thursday announced she is launching an investigation into a CIBC personal information breach involving nearly half a million people (...) The commissioner said she has reasonable grounds to investigate whether the bank violated the Personal Information Protection and Electronic Documents Act (PIPEDA). Stoddart's office also said Friday it is checking to see if TJX Cos., the U.S. parent firm of Canadian retailers Winners and HomeSense, was in compliance with private sector privacy laws after the company acknowledged Thursday that customer information has been stolen from its systems."
  • Globe and Mail - Probes launched into data security breaches: "Identity theft experts said the two cases should serve as a wake-up call for Canadians, and perhaps make them more vigilant about checking their statements and credit reports for signs of improper activity (...) The recent security breakdowns at CIBC and TJX Cos. exposed thousands of Canadians to potential damage from unauthorized release of their personal data. But these incidents are only the latest in a long series of similar breaches..."

Labels: ,

Bookmark and Share Subscribe
posted by Michel-Adrien at 6:43 pm


Post a Comment

<< Home