Exploit: Third Party Data Breach
Canada Post: Postal Service
Risk to Business: 1.882 = Severe
A supplier’s malware attack is responsible for a nasty data breach at Canada Post affecting 44 of the company’s large business clients and their 950,000 receiving customers. The exposure comes from Commport Communications, an electronic data interchange (EDI) solution supplier that manages shipping data for business customers, informed Canada Post that address data associated with some of their customers had been compromised in May 2021. Canada Post has announced that only shipping information pertaining to less than 50 corporate customers was involved.
Individual Impact: No sensitive personal or financial information has been declared compromised in this incident and the investigation is ongoing.
Customers Impacted: 44 companies and an estimated 950,000 individual addresses
How it Could Affect Your Customers’ Business: Third-party and supply chain data breaches like this one are becoming all too common as clever cybercriminals go for data-rich targets – and the problem will only get worse thanks to booming dark web data markets.