You might be a regular user of Canada post especially those who will in Canada or working in Canada. There are a lots of valuable information every customer keeps in the their profile e.g personal details, address, credit cards etc. Even pay checks copies are there.
Canada Post Corporation, trading as Canada Post, is a Crown corporation which functions as the primary postal operator in Canada.wiki
Today morning, I received an email from Canada post regarding a cyber attack or data breach. As per Canada post email to the user, Canada Post is still investigating the matter however, it seems they are investigating a data breach in 2017.
An Interesting thing to look in the customer email, they are asking to change the password which we all have been using since 2017. If any compromise is done then it is too later to fix anything. Hackers would have already misused customer data long back. What’s the point of changing the password now?
It is pretty normal occurrences that most of the Organizations discover a cyber attack or data breach after a few months or years. When they call a cyber expert to investigate such cases, Cyber experts simply tell them that Yes there is a cyber attack but it happens 2 or 1 year back. So, relax! damage is already done.
My take on this issue:
Canada post response to the customers is standard response whenever a data breach happens and they never assessed the actual damage. No organization isn’t being transparent in such cases. They are lying about how big the data breach is? and how much damage is done to their customers? We have to wait & see.
Here is a sample email.