ITB BLOG

Bell customer data leak may lead to more phishing attacks

Bell Canada has suffered a breach of security. According to a company press release that blames an unspecified third-party supplier in Ottawa, 22,421 user names and passwords and five valid credit card numbers of Bell small-business customers were posted on the Internet this weekend. The company indicated that: “Bell’s own network and IT systems were not impacted. The issue does not affect Bell residential, mobility or enterprise business customers.”

NullCrew, the hacker group that posted the details online, has been linked to other high-profile hacks, including those of the World Health Organization, the Ford Motor Company and Sony Corp. A representative for the group claims that it was the company’s systems that suffered the breach, not the third-party service provider.

If the claims are correct, up to 40,000 records have been exposed as a result of an SQL injection vulnerability on Bell’s Web site. The Internet provider maintains that its customer records are secure: “We encrypt and protect against SQL attacks,” Bell said.

Lessons learned?

If Bell is correct, this is a reminder for businesses to monitor and audit their service providers’ security practices and align them with industry standards. Ensuring your third parties continue to comply with the same policies and legislation as your own organization will protect against liability and damage to your reputation.

If Bell is wrong and its systems have indeed been hacked, then we can expect additional disclosures from either the company or NullCrew, potentially revealing more details about an SQL data breach.

Regardless of the outcome, small business members should expect to receive phishing and spam emails like the one I received last week. These will look official and target the recipient by name or email address.

And they will look something like the message I received last week:

Attn: Claudiu Popa [Bell email]

Dear MyBell member,

The credit card we have on file for your MyBell Internet service was declined when we attempted to bill.
Please visit our Account Information pages.
Click Here, and update your credit card information as soon as possible.

Once your credit card information is updated, you will be charged immediately, as soon as payment is received.
Thank you for your prompt attention to this matter. We look forward to continuing to serve you.

*************************
Account ID: 7829411012
E-mail ID: 66104561
*************************
Sincerely,

MyBell Customer Care

As always, if you or your customers receive such a message, do not reply. To check if you were on the list, visit haveibeenpwned.com. You can also contact the company directly.

Claudiu Popa
http://www.SecurityandPrivacy.ca
Claudiu Popa is a security and privacy advisor to Canadian enterprises, associations and agencies. He is an author, speaker and lecturer. Connect with him on Twitter @datarisk, Facebook, G+ or LinkedIn.
