Skip to main content

Canada Post says more than 950,000 customers were potentially exposed in a data breach attack on one of its suppliers.

The Crown agency says it was informed by Commport Communications earlier this month that the manifest data held in its systems was compromised by a malware attack.

The attack affected shipping manifests for 44 of Canada Post’s large business customers and included information related to nearly one million receiving customers.

Canada Post says, that after a detailed forensic investigation, there was no evidence that any financial information was breached between July, 2016, and March, 2019.

It says 97 per cent of the affected records contained the name and address of the receiving customer, while the rest contained an e-mail address and/or phone number.

Commport also notified Innovapost, Canada Post’s IT subsidiary last November of a potential ransomware issue, but said there was no evidence that customer data had been compromised.

External cybersecurity experts have been hired to investigate and take action while the Office of the Privacy Commissioner has been notified.

Your time is valuable. Have the Top Business Headlines newsletter conveniently delivered to your inbox in the morning or evening. Sign up today.

Report an error