The recent Bell Canada data breach might not have contained any compromised financial information, but it could still create “stepping stones” to more serious cases of fraud and espionage, according to a cybersecurity expert.
On Tuesday, the company alerted customers that the information of “fewer than 100,000” users was illegally accessed by hackers. The RCMP announced it had opened an investigation.
Bell, Canada’s largest telecommunications company, said that while names and email addresses were accessed — as well as phone numbers for some users — no banking or financial information was compromised.
The potential danger to the company’s customers is apparent, according to Jon Lindsay, an assistant professor in digital media at the University of Toronto’s Munk School of Global Affairs.
“They’re going to be potential victims of more sophisticated spam and phishing messages, because the more you know about somebody the more you can tailor the lure to that particular person,” Lindsay told HuffPost.
“Maybe you make something that looks like a Bell bill, and [customers] would be more likely to give their credentials or input their credit card information to it.”
The compromised information creates an “indirect vulnerability,” Lindsay added.
“It could just be used as a stepping stone for further fraud or even espionage,” he said.
This is the second breach at the company in eight months. Last May, Bell announced that 1.9 million email addresses and around 1,700 names and phone numbers were illegally obtained by hackers. A spokesperson for the company told HuffPost the two incidents are not connected.
Read the original story over at Huffington Post Canada.
