Unknown hackers hack into CPA Canada website, steal personal identifiable information of over 300,000 Accountants
Unknown hackers hacked into the webservers of Chartered Professional Accounts of Canada (CPA Canada) website and stole information of over 300,000 Canadian accountants. The data breach on the CPA Canada website happened last week.
The hack attack was revealed by the Chartered Professional Accountants of Canada (CPA Canada) in a press statement published on their website. CPA Canada says that unknown hackers gained unauthorized entry into their webservers and managed to access personal information stored on the website. CPA Canada says that personal identifiable information like email ids, addresses, mobile numbers, etc. of over 300,000 CPAs and others enrolled with it may have been exposed in the data breach.
CPA said that it had informed over 329,000 individuals including members and others about the data breach and warned of follow-on attacks. CPA says that the stolen information relates mainly to the CPA Magazine and includes names, addresses, email addresses, and employer names.
CPA Canada today has notified affected individuals that the information involved could be used for the purposes of targeted phishing scams. CPA Canada is encouraging affected individuals to remain vigilant about any emails they may receive asking them to provide sensitive information or click on links or attachments, even if they appear to come from CPA Canada or an individual or company they know or trust.
CPA Canada says that they took “immediate steps” to secure their webservers as soon as the hack was discovered but it was difficult to say when the hackers gained entry or how long they have had access to the 300,000+ CPA accounts. The organization said that the hacking could be linked to a phishing alert in April 2020. CPA Canada had asked its followers to change their passwords after the phishing attempt was discovered, “We are told that these emails appear to originate from the IT department of the employer of the individual receiving the message. These emails suggest that their IT department suspects a cybersecurity compromise with the cpacanada.ca domain,” it explained at the time.
It is important to note that the hack attack on CPA Canada may insignificant but could have unknown after-effects as most of these CPAs have high and mighty clients whose accounts could be vulnerable indirectly after this data breach. The same had happened when unknown hackers hacked into the webservers of Grubman Shire Meiselas & Sacks, a Law Firm based in New York City. Through this hack, the hackers were able to gain access to documents belonging to A-listers from Hollywood including John Mellencamp, Elton John, David Letterman, Robert DeNiro, Christina Aguilera, Barbra Streisand, and Madonna.