Menu

Topics

TV Programs

Connect

Local

your local region

National

Share

Share this item via WhatsApp whatsapp Share this item on Flipboard flipboard Share this item on Reddit reddit

Calendar

Calendar

Search

Quick Search

  •  
  •  
  •  
  •  
  •  
  •  

Trending Now

  •  
     
  •  
     
  •  
     
  •  
     
  •  
     
  •  
     

Add Global News to Home Screen

Instructions:

  1. Press the share icon on your browser
  2. Select Add to Home Screen
  3. Press Add

Comments

Want to discuss? Please read our Commenting Policy first.

Video link
Headline link
Advertisement
Canada

Metrolinx investigating privacy breach after 2K email addresses of fined riders revealed

By Nick Westoll Global News
Posted August 5, 2020 3:47 pm
2 min read
The email to more than 2,000 GO Transit riders was sent out Wednesday morning. View image in full screen
The email to more than 2,000 GO Transit riders was sent out Wednesday morning. Nick Westoll / File / Global News
Share this item via WhatsApp

Share

Share this item via WhatsApp whatsapp Share this item on Flipboard flipboard Share this item on Reddit reddit

Metrolinx, the transit organization that oversees GO Transit and UP Express, officials say they are investigating a privacy breach that saw more than 2,000 email addresses of riders who were fined publicly revealed in a mass email.

The email, entitled Tell us about your experience with compliance services at GO Transit, was sent out by market research staff with Metrolinx just after 10:45 a.m. on Wednesday. Staff were attempting to get feedback from riders on their interactions with the compliance services office, which processes tickets, fines and handles ticket disputes.

“If you participate in this survey, your responses will be kept anonymous and confidential. Answers will be reviewed only in aggregate to help us improve our services,” a copy of the email message provided to Global News said in part.

Story continues below advertisement

However, the email addresses were seemingly put in a public email address field versus the blind carbon copy field, allowing fellow riders to potentially identify who else was ticketed if the email address contained a name.

The email you need for the day's top news stories from Canada and around the world.

Anne Marie Aikins, a spokesperson with Metrolinx, told Global News the public listing of email addresses goes against the transit agency’s privacy policies.

She said an investigation was launched shortly after the email went out in order to identify how the email addresses were revealed and how to prevent a similar instance in the future.

“We unreservedly apologize,” Aikins said.

Click to play video: 'Metrolinx the target of North Korean cyberattack'
Metrolinx the target of North Korean cyberattack
Trending Now

“We have very, very strict policies and procedures in place to protect our customers’ privacy and confidentiality, and those procedures and processes weren’t followed in this instance.”

Story continues below advertisement

She said Metrolinx contacted Ontario’s privacy commissioner to ask for guidance on handling the privacy breach, and said they were told to encourage those on the email to not reply all and to delete the message.

Aikins said there were no further personal identifiers in the email aside from the addresses, such as the types of fines issued, full names and addresses or payment information.

More on Toronto
© 2020 Global News, a division of Corus Entertainment Inc.

Sponsored content

AdChoices