A spokesperson for Rogers sent DataBreaches.net the following statement about the hack reported here yesterday:
A single email address of one of our enterprise sales employees, who managed a small number of medium business accounts, was accessed last week by a third
party due to human error (not system error). The third party was able to
access a small number of business agreements managed by this employee. The
agreements include the business name, business address, business phone number
and pricing details. They do not contain personal or financial information.
The third party did not have access to any information on our retail customers
(consumer accounts).As soon as we discovered the situation we took all the necessary steps to
secure our systems. We are working with the police and we have been contacting
affected business customers. As a precaution, we’ve put additional security
procedures in place for our business customers. We take the privacy and
security of our customers’ information very seriously and we will continue to
review our policies and procedures.
Well, +1 for Rogers putting a statement out.
But, mmm
Rogers said:
“A single email address of one of our enterprise sales employees, who managed a small number of medium business accounts, was accessed last week”
What about the data they gained by directly accessing Rogers network at http://rogerscontracttool.ca/ ? Seems this Rogers site also went down at one point.
Seems it was more than data that was only constrained to one Email account. Looks (at least to me) any data the login credentials gave access to on some kind of Rogers portal as well. No?
I guess only “Teamhans_” can answer that one.