1.9 Million Bell Customer Email Addresses Stolen By 'Anonymous Hacker'

Bell, Canada's largest telecommunications company, said a hacker had accessed customer information containing about 1.9 million active email addresses and about 1,700 names and active phone numbers. The breach was not connected to the recent global WannaCry malware attacks, the company added. From a report: The information appears to have been posted online, but the company could not confirm the leaked data was one and the same. "There is no indication that any financial, password or other sensitive personal information was accessed," the company wrote in a statement. Bell said the incident was unrelated to the massive spike in ransomware infections that affected an estimated 200,000 computers in more than 150 countries late last week. It is not clear when the breach occurred, how the data was accessed, or how long the attacker had access to Bell's systems.

Pepperidge Farm remembers...

[grep+-v+'.*'+*]

1.9 million active email addresses and about 1,700 names and active phone numbers.

Remember the good old days when phone books ruled the earth? *1 The intrusion! OMG -- people could actually see how to spell your full name! AND obtain your phone number! AND your actual physical address. OH, the HORROR!! ( Heck, I understand the police force back then actually had phone number sorted phone-books instead of alphabetic ones for detective ease of use.)

Now, tying it to a specific usage case (customers) IS a little more specific, but being a customer of "Bell Canada's largest telecommunications company" isn't exactly an exclusive club. Same for the email addresses -- it's easy and effectively free to spam those, but aren't they receiving spam already? And just because "knowing" someone's there doesn't mean they'll actually be reading your message. Although it IS an ever-so-slightly more of a chance that they will. Almost doesn't seem like it's worth the bother -- but then again, I don't know anything about in the spam ecosystem.

It's still a bad event and should be prevented, but still: yawn. There is no indication that any [other data] was accessed" I'd be worried about what ELSE they did while they were (ARE) in there.

*1: You might not, but *I* do. Heck, I used and remember when the prefix was words and not just 7 or 10 numeric digits -- Mine was LOcust followed by 5 digits. My mom had a party line (single line shared between families, each with a separate ring) and even used a phone without a dial -- you picked it up and talked to the operator who then dialed it for you.

Re:Pepperidge Farm remembers...

[Picodon]

Remember the good old days when phone books ruled the earth? *1 The intrusion! OMG -- people could actually see how to spell your full name! AND obtain your phone number! AND your actual physical address. OH, the HORROR!!

It’s true that we used to be more open to associating our names to where we’d live and what we’d do or say (no need for a nickname when writing to the editor of the local paper). The huge difference, however, is that such information was mostly available to our (relative) neighbours: people living close to us, who could know us and that we could know; and if one of them attempted something unsavoury, the neighbourhood cops would likely take care of it. Besides, any information was available on a relatively temporary basis: this week’s paper, this year’s phonebook (as evidence, look at how sensational old information occasionally gets digged out of forgotten archives, by complete chance).

Nowadays, on the other hand, whatever is published about you is persistently (and “searchably”) available to the entire planet. Potential readership ncludes the whole world’s pool of crooks (and not just today’s pool, tomorrow’s too), including a few that have the smarts, the technical means, the incentive (a mere thousand dollars goes a long way in many places) and the intent to harm you for profit (of various kinds: strategic, commercial, financial, etc.); who can use fairly massive computing power to cross-reference information obtained from many sources to build an actionable profile; and who can do all that from the comfort of their own parents’ basement, without fear of being caught, being often located in places that either support or turn a blind eye on their activities, or simply don’t have the means to find and prosecute them.

This particular case seems, I agree, much less than terrifying, and your other points (what else was done?) are well-taken! But at the same time, we should not necessarily diminish the importance of privacy concerns by drawing comparisons to what we could afford to do thirty years ago.

Phone book leak?

Isn't this like "leaking" the old phone book? Name, address, telephone # (and now email address)?