Skip to main content

Toronto police and Ontario's privacy commissioner have both been called in after someone hacked into 179,000 electronic Toronto Hydro bills this month.

The e-bills are sent monthly and include basic customer information such as an account number, home address and name. They do not include banking or prepayment information, which Toronto Hydro Corp. chief executive officer and president David O'Brien said was not compromised.

"That system is completely different from this one, and it's separated by firewalls and other security," he said.

Story continues below advertisement

As such, Ontario information and privacy commissioner Ann Cavoukian doesn't consider the e-billing information itself a serious privacy breach, but believes it could allow those in possession of it to contact customers by phone or e-mail to try to draw out further details about banking information. An investigation by her office and the Toronto police has begun.

Both the commissioner and Toronto Hydro are warning customers to not give out that kind of information, and report any suspicious calls to the company. Toronto Hydro has sent letters to all its customers explaining the breach.

"This is the very first time we've had an incident like this," Mr. O'Brien said in an interview. "We will find out how it happened. We will. Our systems are very secure, so this is a bit of a head-scratcher."

It was Toronto Hydro that first noticed the security breach, but Mr. O'Brien declined to say when, saying it was integral in the police investigation. Privacy commissioner Ann Cavoukian said she was called in Friday.

Ms. Cavoukian will meet Wednesday with hydro officials, and said the risk in this case is that whomever hacked the documents could call or e-mail the affected Toronto Hydro clients, posing as the power company and asking for further details.

"Just tell your readers Toronto Hydro would never e-mail or call you asking for personal information," she said. "The message is: as in all other cases, one has to be careful."

It's unclear who caused the breach, or whether they're in Toronto.

Story continues below advertisement

Customers who have questions are encouraged to call Toronto Hydro's care line (416-542-8000). As the first letters to customers arrived Tuesday, the company got about 50 phone calls, Mr. O'Brien said.

Ms. Cavoukian said that only this month's bills were compromised - not past billing information. Ms. Cavoukian said that if indeed no personal financial information was compromised, as Toronto Hydro says, an investigation could be complete in two weeks.

"Toronto Hydro has responded very quickly," she said. "And we'll get to the bottom of it."

Report an error
Comments

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff.

We aim to create a safe and valuable space for discussion and debate. That means:

  • All comments will be reviewed by one or more moderators before being posted to the site. This should only take a few moments.
  • Treat others as you wish to be treated
  • Criticize ideas, not people
  • Stay on topic
  • Avoid the use of toxic and offensive language
  • Flag bad behaviour

Comments that violate our community guidelines will be removed. Commenters who repeatedly violate community guidelines may be suspended, causing them to temporarily lose their ability to engage with comments.

Read our community guidelines here

Discussion loading ...

Due to technical reasons, we have temporarily removed commenting from our articles. We hope to have this fixed soon. Thank you for your patience. If you are looking to give feedback on our new site, please send it along to feedback@globeandmail.com. If you want to write a letter to the editor, please forward to letters@globeandmail.com.
Cannabis pro newsletter