Yesterday, the Chartered Professional Accountants of Canada (CPA) disclosed a data breach affecting over 329,000 members and other stakeholders.
In a notice of data security incident CPA Canada revealed that a cyber attack against the CPA Canada website had resulted in an unauthorised third party gaining access to certain personal information.
The attack is said to have affected over 329,000 members and other stakeholders.
Information accessed by the third party predominately relates to the distribution of the CPA Magazines and includes personal information such as names, addresses, email addresses and employer names.
Passwords and full credit card numbers were also exposed, however they were all encrypted.
Upon discovering the breach, CPA Canada took steps to secure its systems and conduct a comprehensive analysis to determine what information may have been involved.
“Safeguarding the information in our care is one of our most important responsibilities and we sincerely regret any concern this incident may cause,” said Joy Thomas, President and CEO of CPA Canada. “We immediately took steps to contain the incident and secure our systems, undertake a thorough investigation to identify those affected, and then notify them of the incident.”
CPA Canada has notified affected individuals, informing them that personal information could be used for the purposes of targeted phishing scams.
Additionally, affected individuals are urged to remain vigilant with any emails they receive asking them to provide sensitive information or click on links or attachments, even if they appear to come from CPA Canada.
The Canadian Anti-Fraud Centre and relevant privacy authorities have been notified.
It should be noted that the attack did not target provincial and regional CPA partners.
The post #Privacy: CPA Canada suffers data breach impacting 329K individuals appeared first on PrivSec Report.