Canada Post’s third-party supplier, Commport Communications was hit with a ransomware attack. 44 of Canada Post’s biggest customers had shipping information of their customers exposed.

The data which was accessed includes sender and receiver contact information, names, and mailing addresses. As stated above, 44 Canada Post customers were affected, and among their customers, 950,000 people were affected.

The Canada Post released a statement regarding the breach, “After a detailed forensic investigation, there is no evidence that any financial information was breached. In all, the impacted shipping manifests for the 44 commercial customers contained information relating to just over 950 thousand receiving customers. After a thorough review of the shipping manifest files, we’ve determined the following:

  • The information is from July 2016 to March 2019
  • The vast majority (97%) contained the name and address of the receiving customer
  • The remainder (3%) contained an email address and/or phone number”

Beginning in December 2020, the ransomware group, Lorenz, posted information from the Commport Communications breach on their leak site. They’ve uploaded 35.3 GB of data since they carried out the attack.

At the time of the attack, Canada Post did not have reason to believe any data was accessed. The leak site has proven this belief to be false.

SpearTip’s certified engineers work around the clock to identify and mitigate threats for our partners. As new ransomware strains emerge and intelligence is shared among the cyber community, we can conduct malware analysis to ensure our partners are not at risk. With this we can structure security protocols to defend against these threats.

When your organization incorporates a Security Operations Center as a Service (SOCaaS), you’ll be relieved of all the headaches that come from dealing with constant cyber threats. Our engineers work in tandem with our proprietary endpoint detection and response tool, ShadowSpear®, in order to create the most robust security structure tailored specifically for your organization, no matter the size or industry.

Our team will continuously monitor environments 24/7 in our US based Security Operations Center. Our certified engineers work in unison with our proprietary endpoint detection and response tool, ShadowSpear®. This allows your organization to have a direct communication with our engineers at any moment and a completely transparent view of your risk profile.

If you think your organization has been breached, call our Security Operations Center at 833.997.7327.