Bell, the largest telecommunications provider in Canada, has suffered a data breach affecting approximately 1.9 million customers.
While global attention was focused on the WannaCry ransomware outbreak—which disrupted systems worldwide, including those critical to the UK’s health service—a separate incident targeted Bell’s servers. In this unrelated attack, an individual or group gained unauthorized access to Bell’s systems and exfiltrated customer data.
In a brief statement, Bell Canada confirmed the breach and said the stolen information included names, email addresses and/or telephone numbers. The company added that there is no evidence that financial data or account passwords were accessed.
The attackers posted a sample of the stolen data on Pastebin accompanied by a message that appears to be an extortion demand. According to the post, the release occurred because Bell allegedly failed to “co‑operate” with the attackers, and the message warned that more customer data would be published if demands were not met.
“We are releasing a significant portion of Bell.ca’s data due to the fact that they have failed to [co‑operate] with us,” the Pastebin message read. “This shows how Bell doesn’t care for its [customers’] safety and they could have avoided this public announcement… Bell, if you don’t [co‑operate], more will leak.”
Bell urged customers to be vigilant for phishing emails and other suspicious communications. Even though the company indicated that passwords and financial information are unlikely to have been exposed, affected individuals should monitor bank and credit card statements closely and consider changing their Bell account passwords as a precaution.
Bell said it has contacted customers whose data was compromised and “took immediate steps to secure affected systems.” The company is working with the Royal Canadian Mounted Police (RCMP) cybercrime unit and has informed the Office of the Privacy Commissioner as part of the investigation.
This breach follows other recent cybersecurity incidents, including an attack against DocuSign and the widespread disruption caused by WannaCry, marking a challenging period for corporate and public sector security teams.
How do you view the recent spate of cybersecurity failures? Share your thoughts in the comments.