Ontario Cannabis Store reports data breach affecting 4,500 customers

Compartir

A spokeswoman for the federal privacy commissioner said Canada Post has notified the office of the incident and they have been in touch with the Ontario office. The crown corporation states that it has worked closely with Canada Post to "identify the cause of the issue and to prevent further unauthorized access to customer delivery information". That information included postal codes, the date of delivery, the name or initials of the person who signed for it, the Canada Post tracking number and the OCS reference number for the order. "Although Canada Post is making its own determination as to whether notification of customers is required in this instance, the OCS has notified all relevant customers".

Patrick Ford, president and CEO of the Ontario Cannabis Retail Corporation, sent a letter to the head of Canada Post on November 2 demanding affected individuals be notified immediately.

According to said statement, no other details were accessed, and the OCS website was not impacted.

The privacy of 4,500 Ontario Cannabis Store customers was breached through what the online retailer says was a weakness in Canada Post's tracking website, the Toronto Sun has learned.

"We are also satisfied that the flaw exploited in the breach was with Canada Post's system".

Dallas Cowboys: 3 Big takeaways from loss vs
The 25-year-old Titans safety then ran to midfield and posed on the Cowboys' star logo. Garrett revealed a possible crack Tuesday.

"Canada Post takes the privacy of information seriously and continues to work with OCS".

"As a result, important fixes have been put in place by both organizations to prevent any further unauthorized access to customer information", the Crown corporation said.

"We ... are also engaging with Canada Post to better understand what occurred and what is being done to mitigate the situation", Tobi Cohen said in an email.

In answer to an opposition question on Wednesday, Prime Minister Justin Trudeau told the House of Commons the breach was fixed and would not be repeated. In this instance, he said, it appears Canada Post took the position that it was a vendor to the OCS and, thus, the responsibility to notify the affected customers lay with the provincial outlet.

Compartir