The Association of Professional Engineers and Geoscientists of Alberta (APEGA) experienced a data breach last month, releasing names and email addresses of tens of thousands of its members following a phishing attack. According to Philip Mulder, director of communications for APEGA, 75,000 member records consisting of first name, last name, member ID and email addresses were given to an unknown party because of a phishing event. No credit card information or passwords were released.
"Our concern was the inconvenience that members were going to experience potentially by being spammed," Mulder said.
Phishing is a technique used to gain information or access.
This is often done by impersonating a legitimate party on the phone or in an email to trick someone into giving private information or for installing malicious software. APEGA senior leaders have initiated an investigation by an outside party. The association has said that it will share high-level results with members as appropriate upon completion of the investigation and report.
"There is an independent investigation underway, our intention was not to find fault and point fingers, but to see what lessons we could learn," Mulder said.
The association set up a temporary call centre to receive telephone and email inquiries regarding the data breach and its effect on members.
Passwords for the association’s self-serve centre have been reset.
Mulder said that this is just a precaution as the data breached cannot be used to access it.
The centre is used by members to pay dues and log compulsory professional development hours.
According to Public Safety Canada, in 2011 40 per cent of all cyber attacks were on small to medium-sized businesses.
Mainly these attacks are attempting to gain access to customer records, contact lists, employee information, banking info, servers and computers.
Research conducted by the Ponemon Institute – a research center dedicated to privacy, data protection and information security policy – shows that 100 per cent of businesses face attacks from trojans, viruses and worms.
More than 95 per cent face attacks from malware, 82 per cent from botnets and 64 per cent from web-based attacks.
Thirty per cent of businesses experience attacks from phishing or social engineer as well as malicious insiders.
According to Public Safety Canada, cyber attacks cost large businesses $284 per capita and more than $1000 per capita for smaller businesses.
Recent Comments
comments for this post are closed