The state-owned postal service, Canada Post has reported that a cyber-attack on a third-party provider resulted in a data breach affecting 950,000 parcel recipients. Canada Post Corporation, also known as Canada Post, is a Crown corporation that serves as the country’s major postal operator.
Canada Post claimed in a press release on May 26 that it had notified 44 “major business customers” that they may have been compromised by “a malware assault” targeting Commport Communications, a supplier of electronic data interchange (EDI) services.
On May 19, the supplier informed Canada Post that “manifest data housed in their systems, which was related with some Canada Post customers, had been compromised.”
It stated that the data was compromised between July 2016 and March 2019, with 97% of it containing the names and addresses of receiving consumers. According to the firm, the remaining 3% contained email addresses and/or phone numbers. The Crown corporation has already “taken preventive measures and will continue to take all required efforts to mitigate the repercussions,” according to the statement.