Canada Post announced that a ransomware attack on a third-party service provider exposed shipping information for their customers.
Canada Post is a Crown corporation that functions as the primary postal operator in Canada, it provides service to more than 16 million Canadian addresses.
The company has already informed 44 of its large commercial customers, the ransomware attack impacted Commport Communications.
Exposed data include shipping manifests for the 44 commercial customers, the data breach impacted over 950 thousand receiving customers.
“After a detailed forensic investigation, there is no evidence that any financial information was breached. In all, the impacted shipping manifests for the 44 commercial customers contained information relating to just over 950 thousand receiving customers.” reads the data breach notification published by the company. “After a thorough review of the shipping manifest files, we’ve determined the following:
The ransomware attack took place in 2020, in December 2020 Lorenz operators published on their leak site 35.3 GB of data allegedly stolen from Commport Communications.
Initially, Commport Communications said that threat actors did not exfiltrate customers’ data, but the leaked data is proof of the data breach.
Canada Post is helping Commport Communications in investigating the incident to determine the extent of the data breach. The company has also engaged external cyber security experts and is proactively informing the impacted business customers.
Canada Post also notified the Office of the Privacy Commissioner.
“Canada Post will continue to engage external cyber security experts to conduct additional forensic work and assist in the ongoing investigation with Commport Communications. We have already implemented proactive measures and will continue to take all necessary steps to mitigate the impacts. Canada Post will also incorporate any learnings into our efforts, including the involvement of suppliers, to enhance our cyber security approach which is becoming an increasingly sophisticated issue.” concludes the data breach notification.
(SecurityAffairs – hacking, ransomware)