While this is not a good thing for this NBN company, the fact that they looked to see what data they need to handle their day-to-day processes is key.
Maybe my podcast is reaching the right people? I know I’ve been harping for a long time about people hanging on to data they really don’t need. Even I questioned certain data I just don’t collect anymore.
The problem this company had was a legacy database which they took offline. The good news is that it was protected, but the credentials somehow got loose by some means which are not clear.
The issue is that we’re finding about it now, but the incident took place last year. They took steps then to contain the issue, revoke the account, look at processes to determine what data was absolutely necessary to conduct business and moved forward.
I applaud Tangerine for doing what I’ve been advocating businesses do. Although this was an isolated incident, names, numbers, email addresses were all pilfered from this legacy database.
The number of people affected and notified were 232 thousand.
Tangerine Telecom says customer data of 232,000 affected by ‘cyber incident’ is the article you need to read if you are a customer.
While it is a few days late, I saw it last night on Mastodon.
Discover more from The Technology blog and podcast
Subscribe to get the latest posts sent to your email.