You know, I’m kinda starting to feel bad. We rarely write about CPA Canada and when we do, it’s because of some epic technological snafu that has disrupted their exam process or, as is the case with the news I’m sharing with you today, otherwise adversely impacted its member base. I don’t think there’s ever been a time we’ve said “wow, great job!” but maybe that’s just because we’re bitter, xenophobic Americans only interested in the dumpster fires. Whatever.
I want to get something out of the way before we get to the actual story: I mean no disrespect to technologically illiterate grandmas. It’s expected for grandmas to need a little help when it comes to navigating the Internet. I remember when my own grandma got her first computer in the late ’90s and asked me in the most nonchalant way possible, “Adrienne, why do these strange people keep sending me emails about adding three inches to my penis and how do I make it stop?” My poor grandma, all she wanted to do was look up recipes and play Slingo and here’s the sleezy side of the Internet blowing up her AOL address with dick pills.
Anyhoo. Back to CPA Canada. In a press release today, the 210,000-member-strong organization announced a “data security incident” affecting “over 329,000 individuals, including members and other stakeholders.” Let’s see what they’ve got to say for themselves:
Chartered Professional Accountants of Canada (CPA Canada) has notified individuals of a data security incident affecting personal information held by the organization.
CPA Canada discovered that an unauthorized third party accessed certain personal information through a cyber-attack against the CPA Canada website. Upon discovering this, CPA Canada, with the assistance of cybersecurity experts, took immediate steps to secure its systems and conduct a comprehensive analysis to determine what information may have been involved.
“We immediately took steps to contain the incident and secure our systems, undertake a thorough investigation to identify those affected, and then notify them of the incident,” said Joy Thomas, President and CEO of CPA Canada.
The release goes on to say that the involved information “predominately relates to the distribution of the CPA Magazine and includes personal information such as names, addresses, email addresses and employer names.” Apparently the haxxors were also able to gain access to passwords and full credit card numbers; however, CPA Canada says these were protected by encryption.
Trying to get ahead of this information breach, CPA Canada let affected individuals know they should be on the lookout for phishing scams, even — or perhaps especially is a better word here — if the emails appear to come from CPA Canada.
Stuff like this kinda makes you long for the good old days when all you had to worry about on the Internet was 60-year-old truck drivers trying to chat with your 14-year-old self and spam emails about growing a couple of inches on your schlong, eh?