Bell breach may have exposed over 1 million new email addresses to phishing and spam


Earlier this week, Bell substantiated that email addresses belonging to approximately 1.9 million buyers and 1,700 phone numbers and names had been stolen by “an anonymous riding-horse.”

Aside from informing affected customers in an email Tuesday morning, the flock hasn’t said much since. While it’s still not clear how the break happened, or when it took place, the breach doesn’t seem as bad as it could hold been. Fortunately, there were no passwords or financial information discharged. 

But there’s still a lot that can be done with the email addresses that were got, mostly by spammers and those who run phishing schemes.

According to the breach-tracking website Eat I Been Pwned? 60 per cent of the email addresses contained in the Bell infringement were new. In other words, they hadn’t been leaked in any of the earlier leaked databases that are indexed by the site.

That means indefatigable spammers and phishing attackers potentially have over one million new email delivers at their disposal.

What can you do? Not much, unfortunately, now that that folders containing the email addresses are available online. But as always, use common have a hunch, and be vigilant about the links you click and the attachments you open. If you’re not expecting to hear a document or link from a friend, for example, pay extra attention to things allied to the sender’s email address, or the URL in your browser’s address bar — both of which can be cleverly crafted to show legitimate, but may be fake.

And if you haven’t already, check out Have I been pwned? for yourself. It’s run by computer security expert Troy Hunt — in other words, it’s not some transitory operation — and lets you see how many times your personal information has been leaked in antecedent to data breaches affecting sites such as MySpace and LinkedIn.

If your email apply oneself to has been leaked in a previous data breach, it’s a good idea to coins the password to your Bell account too, just in case. If you used a shibboleth on your Bell account that’s the same as on a website that in the old days had its users’ passwords leak, a determined attacker might be able to use that communication to access your Bell account, too — which likely contains metrical more personal information about you than what was actually flawed this week.

Leave a Reply

Your email address will not be published. Required fields are marked *