BreachExchange mailing list archives
Security breach of OC Transpo My Alerts may have compromised accounts
From: Destry Winant <destry () riskbasedsecurity com>
Date: Thu, 10 Dec 2020 09:48:03 -0600
https://www.cbc.ca/news/canada/ottawa/oc-transpo-my-alerts-subscriber-emails-passwords-compromised People who use the OC Transpo My Alerts system may have had their emails and passwords compromised, says the City of Ottawa. The My Alerts system is used to notify customers about changes to transit service by email or text, a news release from the city said Friday. People's financial and credit card information are not affected, and there's no impact to the city's payment system nor Presto, according to the city. Subscribers to the My Alerts system who use the same password for other accounts are advised to change their passwords. "Other private accounts that use the same password could be at risk. The Canadian Centre for Cyber Security advises against using the same password for multiple accounts," reads the release. The affected system is currently shut down, but people who are already subscribed will continue to get notifications. Cyber security expert hired "The safety and security of all customers is our top priority. The City is investigating to determine how and when this information was accessed," reads the news release. The city says it has asked a third-party expert in cyber security to look at the system and make sure "the vulnerability that caused this issue is resolved." The city says it apologizes to My Alerts subscribers for the incident. _______________________________________________ BreachExchange mailing list sponsored by Risk Based Security BreachExchange () lists riskbasedsecurity com If you wish to Edit your membership or Unsubscribe you can do so at the following link: https://lists.riskbasedsecurity.com/listinfo/breachexchange
Current thread:
- Security breach of OC Transpo My Alerts may have compromised accounts Destry Winant (Dec 10)