Menu

Topics

Connect

Comments

Comments closed.

Due to the sensitive and/or legal subject matter of some of the content on globalnews.ca, we reserve the ability to disable comments from time to time.

Please see our Commenting Policy for more.

Calgary charity hit by data breach says it responded appropriately despite client concerns

A Calgary charity hit by a data breach last fall says it followed the right protocols and timelines after client questions how long it took to be notified. Tomasia DaSilva has details – May 26, 2022

A Calgary charity has confirmed to Global News it was the victim of an email data breach last fall.

Story continues below advertisement

Now, one of its former clients wants to know why it took so long to be alerted.

The Calgary Urban Project Society (CUPS) sent an email to Michael Friesen on Wednesday to inform him that a staff member’s email account had been hacked and some of his personal information may have been put at risk. That information included his driver’s license, bank statements and rent report.

“It’s a little scary to get that in the middle of the day. Your heart kind of palpitates a little bit and you don’t know what you’re going to do,” Friesen said.

Friesen was a CUPS client in 2020 after fleeing an abusive relationship. He provided the non-profit with his personal information so it could help him access funding for a place to live.

Story continues below advertisement

CUPS helps vulnerable Calgarians facing the challenges of poverty and trauma.

Friesen appreciates the help CUPS has been in the past. But he wishes he had been told about the September hack sooner.

“Eight months of (personal data) just being out there and not being aware of it,” he said.

“The data breach: whatever, that’s not a big deal. Tell me the moment it happens, so I can stop it.”

Story continues below advertisement

CUPS senior director of operations Elaine Wilson told Global News the charitable organization acted quickly upon learning of the hack.

“As soon as we are made aware of any kind of potential breach, we make the report and we follow the recommendations, and the timeline that is provided,” she added.

That included contacting the Office of Information and Privacy Commissioner of Alberta. While awaiting a response, officials said they also initiated further measures to protect staff emails from this type of cyber attack, including two-step verification and email security education.

CUPS said the privacy commissioner responded to its inquiry on April 29 and that is when it started notifying clients.

“Our first priority is to the privacy of our clients’ information and the work that we do with our clients,” Wilson said.

Story continues below advertisement

“We have many measures in place to prevent anything. We are constantly assessing the risks as they are changing out there in cyberspace.”

The risks of data breaches continues to change and grow in Canada. According to the Office of the Privacy Commissioner of Canada, it received 782 breach reports affecting at least nine million Canadian accounts during the 2020-21 fiscal year.

Friesen — who just completed a cyber security course with the province — isn’t all that shocked.

“I’m not surprised that it’s happening,” he said. “They’re only going to get worse.

“Cyber security is something we all need to be aware of.”

It’s the first time it happened to him, and he’s not looking forward to the fallout.

Story continues below advertisement

“I’m pretty sure that I’m ok. However, now I have to go through all of the stress of changing all my passwords or passphrases. It just gets a little chaotic.”

Advertisement

You are viewing an Accelerated Mobile Webpage.

View Original Article