Menu

Topics

Connect

Comments

Comments closed.

Due to the sensitive and/or legal subject matter of some of the content on globalnews.ca, we reserve the ability to disable comments from time to time.

Please see our Commenting Policy for more.

Whistler.ca website breached after hackers exploit ‘obscure vulnerability’

The Resort Municipality of Whistler says some personal information may have been compromised when its website was breached at the end of last month. Whistler.ca

The Resort Municipality of Whistler (RMOW) said its website suffered a security breach that may have compromised some people’s personal information.

Story continues below advertisement

In a bulletin posted on Friday, the municipality said it found that the Whistler.ca website had been breached on Dec. 28, and that staff took “immediate action” to “identify, contain and resolve the issue.”

The RMOW said Thursday that staff realized web forms built into the website to collect personal information may also have been vulnerable.

Those forms and any associated personal information were taken offline, and the entire site was reverted to an older, uncompromised version, the RMOW said.

The intent of the attack, according to the RMOW, appears to have been to re-direct visitors on Whistler.ca to other, possibly illicit websites.

The site is now being scanned for malware numerous times each day; the municipality will also conduct a security audit.

Story continues below advertisement

While the municipality does not believe that stealing personal information was the hackers’ main intent, it admitted that some such information was available, and said it is now reaching out via phone and email to people whose data could have been compromised.

No credit card information or social security numbers compromised, it said, and third-party sites like those relating to homeowner grants or parking ticket payments weren’t affected.

Global News has requested comment from the Whistler RCMP on the breach.

According to the RMOW, the Whistler.ca website was regularly scanned for security and its security patches were up to date.

The breach was related to “an obscure vulnerability that could not have been applied as a part of the regular updates, patches or monitoring efforts,” it added.

Story continues below advertisement

Anyone concerned that their personal information may have been exposed can contact Whistler Legislative Services at (604) 935-8118 or corporate@whistler.ca.

Advertisement

You are viewing an Accelerated Mobile Webpage.

View Original Article