XplornetSUCKS  

Go Back   XplornetSUCKS > News
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
 
Thread Tools Display Modes
  #1  
Old 05-16-2017, 12:44 AM
buttitchi buttitchi is offline
offline "Global Moderator" Retired
 
Join Date: Feb 2008
Posts: 212
Default Bell (BCE) data breach May 2017

Ever wondered why it's bad for a company to hold more information that just what is needed for an account? User names, passwords, and emails, are just the tip of the iceberg. Go deeper and information for identity theft is awaiting due to collecting more personal information than is allowed by law.

If a company has not taken the simple steps to protect all data, in a proper way... It's a shame that mega corporations (and their Executives) are not made to pay the price of the ill effects their users (and or employees/contractors) will feel from data breaches. The corporation gets barely a slap on the wrist from government agencies, and the users get fucked.
Data breaches are becoming so routine that some companies call it "just part of business and who cares, unless it's the Executive board's personal data".

There's a thread over on DSLreports.com
https://www.dslreports.com/forum/r31...dresses-stolen


http://www.cbc.ca/news/technology/be...leak-1.4116608
Quote:
after 1.9 million email addresses and approximately 1,700 names and phone numbers were stolen from a company database.

The information appears to have been posted online
Quote:
A person or group alleging to be behind the attack wrote in a post online that they were "releasing a significant portion of Bell.ca's data due to the fact that they have failed to cooperate with us."

"This shows how Bell doesn't care for its customers safety and they could have avoided this public announcement," the post continues. "Bell, if you don't cooperate more will leak "

The post links to a set of files containing a long list of email addresses and related customer information that appear similar in size and substance to Bell's description of the stolen data — but also includes phone numbers, locations, job titles and other pieces of information about more than 150 supposed Bell contractors and employees.

A few years ago, Yahoo violated its customers by allowing the N.S.A. to setup scanning of all emails/accounts. Didn't matter what country you used it from. That data breach makes the 2 other major data breaches at Yahoo small in comparison.
http://www.reuters.com/article/us-ya...-idUSKCN1241YT





Small update. When these corporations get penetrated, they really don't like to fully admit what got accessed or copied out. That's bad for the end users, not knowing what got taken, because the corporation is embarrassed at being reported on the breach.
http://www.cbc.ca/news/technology/ma...data-1.4129076
Quote:
Links to the data were then shared across social media.

"We were literally inside Bell's networks with access to everything," exodus told CBC News. "It could have been much worse for them."

Even after the breach was revealed, exodus claimed to still have access to Bell servers, and to have stolen additional data that could still be leaked — in particular, "all passwords for Bell customers." They were unable to offer any supporting proof.

Bell previously told customers that "there is no indication that any financial, password or other sensitive personal information was accessed."

Bell's director of communications Marc Choma declined to comment on any of exodus's claims
__________________
Hi Diddly Ho, Good Neighborino

Last edited by buttitchi : 05-27-2017 at 10:54 AM.
Reply With Quote
  #2  
Old 05-16-2017, 12:28 PM
Brad R Brad R is offline
Linux Member
 
Join Date: Apr 2007
Location: Ontario
Posts: 606
Default

As always, the rule is: protect yourself, because the vendors won't protect you.

Those who hacked Bell Canada may now have my email address, and my Bell Canada password. But since I use KeePass to generate and store my passwords, that password is only used for Bell Canada. All my other online accounts will not be affected, because they have different passwords.

(I suppose the hackers could sell my semi-private email address to spammers, but I've got fairly good spam filters, too.)
__________________
4G Fixed Wireless Formerly Echostar 17 "Jupiter"; Rogers Rocket Hub; Everus 3.5 GHz Wireless; Telesat Kazam plan; HughesNet Ku.
A computer without Windows is like a chocolate cake without mustard. http://www.goodbyemicrosoft.net
Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -4. The time now is 06:55 PM.


Powered by vBulletin® Version 3.6.8
Copyright ©2000 - 2017, Jelsoft Enterprises Ltd.