Menu
On May 19, 2021, Canada post, the primary postal operator in Canada had to inform several of its large commercial customers that a ransomware attack that hit one of its third service providers, Commport Communications had exposed the commercial companies’ customers shipping information. In total, the attack affected 44 of Canada Post’s commercial customers and over 950,000 receiving customers.
In a statement from Canada post, they stated that “after a detailed forensic investigation, there is no evidence that any financial information was breached.” They also stated that “the information is from July 2016 to March 2019” and 97% of the exposed data “contained the name and address of the receiving customer” while the remaining 3% “contained an email address and/or phone number”.
In December 2020, the Lorenz ransomware group claimed they had breached Commport Communications during a ransomware attack, on their data leak website.
Since that claim, they have leaked 35.5 GB of data that apparently was stolen from Commport Communications during the attack. While Commport Communications and Canada post believe none of Commport Communications data was accessed, Canada Post have now announced they have hired external cyber security experts to investigate the matter and have informed the Office of the Privacy Commissioner of Canada.
NCSC Threat Reports Feed© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.
