Slashdot Mirror

← Back to Stories (view on slashdot.org)

1.9 Million Bell Customer Email Addresses Stolen By 'Anonymous Hacker' (www.cbc.ca)

Posted by msmash on from the security-woes dept.

Bell, Canada's largest telecommunications company, said a hacker had accessed customer information containing about 1.9 million active email addresses and about 1,700 names and active phone numbers. The breach was not connected to the recent global WannaCry malware attacks, the company added. From a report: The information appears to have been posted online, but the company could not confirm the leaked data was one and the same. "There is no indication that any financial, password or other sensitive personal information was accessed," the company wrote in a statement. Bell said the incident was unrelated to the massive spike in ransomware infections that affected an estimated 200,000 computers in more than 150 countries late last week. It is not clear when the breach occurred, how the data was accessed, or how long the attacker had access to Bell's systems.

32 comments

  1. And nothing of value was lost by Anonymous Coward · · Score: 0

    Bell still has customers?

    With all their billing errors the fact that people still use Bell should be news!

    1. Re:And nothing of value was lost by Guspaz · · Score: 1

      Funny thing how monopolies work.

    2. Re:And nothing of value was lost by DontBeAMoran · · Score: 1

      Bell still has plenty of customers because there's zero competition in a lot of areas.

      --
      #DeleteFacebook
  2. I'm a Bell customer. by Anonymous Coward · · Score: 0

    I first saw this news on Reddit,
    Then I received an email from Bell,
    Then I saw this "news for nerds", 4 hours after.

    Way to go slashdot :/

  3. Pepperidge Farm remembers... by grep+-v+'.*'+* · · Score: 4, Interesting

    1.9 million active email addresses and about 1,700 names and active phone numbers.

    Remember the good old days when phone books ruled the earth? *1 The intrusion! OMG -- people could actually see how to spell your full name! AND obtain your phone number! AND your actual physical address. OH, the HORROR!! ( Heck, I understand the police force back then actually had phone number sorted phone-books instead of alphabetic ones for detective ease of use.)

    Now, tying it to a specific usage case (customers) IS a little more specific, but being a customer of "Bell Canada's largest telecommunications company" isn't exactly an exclusive club. Same for the email addresses -- it's easy and effectively free to spam those, but aren't they receiving spam already? And just because "knowing" someone's there doesn't mean they'll actually be reading your message. Although it IS an ever-so-slightly more of a chance that they will. Almost doesn't seem like it's worth the bother -- but then again, I don't know anything about in the spam ecosystem.

    It's still a bad event and should be prevented, but still: yawn. There is no indication that any [other data] was accessed" I'd be worried about what ELSE they did while they were (ARE) in there.

    *1: You might not, but *I* do. Heck, I used and remember when the prefix was words and not just 7 or 10 numeric digits -- Mine was LOcust followed by 5 digits. My mom had a party line (single line shared between families, each with a separate ring) and even used a phone without a dial -- you picked it up and talked to the operator who then dialed it for you.

    --
    If the universe is someone's simulation -- does that mean the stars are just stuck pixels?
    1. Re:Pepperidge Farm remembers... by olsmeister · · Score: 1

      I remember that you could pay extra for the privilege of an "unlisted" number as well.

    2. Re:Pepperidge Farm remembers... by Picodon · · Score: 2

      Remember the good old days when phone books ruled the earth? *1 The intrusion! OMG -- people could actually see how to spell your full name! AND obtain your phone number! AND your actual physical address. OH, the HORROR!!

      It’s true that we used to be more open to associating our names to where we’d live and what we’d do or say (no need for a nickname when writing to the editor of the local paper). The huge difference, however, is that such information was mostly available to our (relative) neighbours: people living close to us, who could know us and that we could know; and if one of them attempted something unsavoury, the neighbourhood cops would likely take care of it. Besides, any information was available on a relatively temporary basis: this week’s paper, this year’s phonebook (as evidence, look at how sensational old information occasionally gets digged out of forgotten archives, by complete chance).

      Nowadays, on the other hand, whatever is published about you is persistently (and “searchably”) available to the entire planet. Potential readership ncludes the whole world’s pool of crooks (and not just today’s pool, tomorrow’s too), including a few that have the smarts, the technical means, the incentive (a mere thousand dollars goes a long way in many places) and the intent to harm you for profit (of various kinds: strategic, commercial, financial, etc.); who can use fairly massive computing power to cross-reference information obtained from many sources to build an actionable profile; and who can do all that from the comfort of their own parents’ basement, without fear of being caught, being often located in places that either support or turn a blind eye on their activities, or simply don’t have the means to find and prosecute them.

      This particular case seems, I agree, much less than terrifying, and your other points (what else was done?) are well-taken! But at the same time, we should not necessarily diminish the importance of privacy concerns by drawing comparisons to what we could afford to do thirty years ago.

    3. Re:Pepperidge Farm remembers... by hawguy · · Score: 1

      1.9 million active email addresses and about 1,700 names and active phone numbers.

      Remember the good old days when phone books ruled the earth? *1 The intrusion! OMG -- people could actually see how to spell your full name! AND obtain your phone number! AND your actual physical address.

      Back then it took real money (and actual humans) to set up a call center to try to bilk you out of your money.

      Now you set up an IVR system to dial millions of numbers in the list and when you have an active lead, send that call to a live agent.

      It's so cheap that they don't need to start with a list, they can just dial numbers randomly and let the computers screen for leads, but having actual names helps make a scam more believable.

    4. Re:Pepperidge Farm remembers... by Anonymous Coward · · Score: 0

      I remember phone books. And some people were actually excited to see their name in print!
      https://www.youtube.com/watch?v=ahuPW6_t-z0&list=PLZbXA4lyCtqqvns1nCceN8Jg8cDrGdIOS&index=5#t=00m45s

      _
      "He hates cans!"

  4. Phone book leak? by Anonymous Coward · · Score: 2, Interesting

    Isn't this like "leaking" the old phone book? Name, address, telephone # (and now email address)?

    1. Re:Phone book leak? by Anonymous Coward · · Score: 0

      No, the old phone book was A name with matching address and phone number. There were many John Smiths in NYC.

      This is Specific name with connected account information, allowing people to know exactly which one is which, what kind of connection they got, what their email (and therefore a large number of their online personas/registrations/subscriptions) is, and quite likely even if bell won't say so things like their payment history. I wouldn't be surprised if there was also credit info there as well.

      A phonebook entry didn't allow someone to paint a complete picture of your entire life.

  5. Not a surprise by gachunt · · Score: 1

    After dealing with Bell's horrid customer service for many years, and seeing how little they care about their customers, the only surprise is that it took this long for a major breach to happen.

    1. Re:Not a surprise by wardrich86 · · Score: 1

      That's one of the greatest problems these days. Companies not paying enough to properly train employees, and employees not getting paid enough to actually care about the job they do.

    2. Re:Not a surprise by Anonymous Coward · · Score: 0

      no, no, NO! We have a shortage of qualified candidates. Candidates must be fully trained to apply, and ready to hit the ground "running" in a fast-paced, results-oriented way. We cannot afford to waste time or money getting people up to speed. There is a real problem with a lack of qualified candidates in this country.

  6. Again and again by Anonymous Coward · · Score: 0

    Criminals are stealing our info so many times they should know more about us than we ourselves know at this point.

  7. How is this news? by Sir+Holo · · Score: 1

    So someone copied a list of email addresses from Bell.

    Yawn.

    1. Re:How is this news? by Anonymous Coward · · Score: 0

      Because Bell wasn't able to profit by selling them!

    2. Re:How is this news? by Anonymous Coward · · Score: 0

      So someone copied a list of email addresses from Bell.

      Yawn.

      You seen unaware that Bell Canada provides managed security services for government and corporate clients. The irony is as thick as fog in Halifax Harbour.

    3. Re:How is this news? by Sir+Holo · · Score: 1

      So someone copied a list of email addresses from Bell.

      Yawn.

      You seen unaware that Bell Canada provides managed security services for government and corporate clients. The irony is as thick as fog in Halifax Harbour.

      Whoa. Thanks. LOL

  8. Re:1.9 million Canadians? by Anonymous Coward · · Score: 0

    As a Canadian, you made my day. Tx :)

  9. As a former teleglobe employee by Anonymous Coward · · Score: 0

    Fuck Bell Canada. (We often said this around the office in Chantilly, VA quite loudly when we knew the layoffs were coming).

  10. Bell Service Not Universally Horrible by Anonymous Coward · · Score: 0

    They replaced probably ten miles of cable on the pole trying to get my mother's internet to work, plus some inside wiring. Their people in the field can be very nice.

    1. Re:Bell Service Not Universally Horrible by DontBeAMoran · · Score: 1

      The people on the technical side are always the best. The ones in customer service are stuck with the requirements of the company. The ones in billing don't seem to even be aware that prices in developed countries are a fraction of what we're paying here. And the people at the top don't even care that the speed and limitations of their internet services are the laughing stock of the planet.

      --
      #DeleteFacebook
  11. Re:1.9 million Canadians? by Anonymous Coward · · Score: 0

    Get away from my igloo.

  12. Why don't companies learn by SniffTheGlove · · Score: 1

    1) Why can't most data be kept Airgapped. Do companies really need to have everything on the public internet

    2) Why can't all data be encrypted in databases, not just passwords but everything. So what if it take a couple of extra seconds waiting for the decrypt.

    1. Re:Why don't companies learn by Anonymous Coward · · Score: 0

      Millennials.

  13. Re:1.9 million Canadians? by uberdilligaff · · Score: 1

    The Canada - US exchange rate is currently 0.74, so that 1,900,000 Canadians converts to 1,406,000 Americans. But their gallons are bigger, though...

    --
    Against stupidity, the Gods themselves contend in vain. --Friederich Schiller
  14. Re: 1.9 million Canadians? by thundercattt · · Score: 1

    Always makes my day to see Bell and their outsourcing scumbag company get some negative PR for consistently receiving the worst CDN company year after year. Rot in hell Bell

  15. Re:1.9 million Canadians? by Anonymous Coward · · Score: 0

    That's because we're not as fat, eh?

  16. gallons by Anonymous Coward · · Score: 0

    Canadians don't use gallons, you insensitive clod.

  17. In other words by Anonymous Coward · · Score: 0

    They got caught selling it, and threw a random anonymous scapegoat under the bus "because that way nobody gets hurt".