CBC reports:
Thousands of members of a gymnastics centre in Gatineau, Que., may have had their personal and financial data stolen after a possible computer breach.
Some 21,000 members of Unigym Gatineau learned about the Oct. 6 breach in an email from the club on Wednesday.
The compromised data includes names, contact information, social insurance numbers, health insurance numbers, banking information and credit card numbers, including the three-digit security codes and expiry dates.
According to Unigym, however, it only kept the financial information of about 300 competitive members on file. For the rest of its clients, only names and contact information may have been breached, the gym said.
[…]
It took the gym’s web provider [Tonik Web Studio] three days to discover the breach, and another week to notify Unigym Gatineau. It took the gym more than a week after that to notify members.
Unigym chair Jean-Paul Caron acknowledged that delay, which he blamed on the web provider.
Read more at MSN.
There’s no real explanation of how the breach occurred, however.