Re: Canada: Bell probes theft of personal information on 3.4 million Ont., Que. clients

[security curmudgeon <jericho () attrition org>]

: (Finally, stealing the equivalent of a phone book makes headlines.  It 
: was only a matter of time...)
: 
: http://canadianpress.google.com/article/ALeqM5jYxNzISSg8CH4MSvbfAo61t7ioVQ
: 
: Bell Canada (TSX:BCE) is trying to determine just who has seen a limited 
: amount personal information on some 3.4 million of its clients in Quebec 
: and Ontario after a Montreal man was arrested Tuesday and faces charges 
: of stealing the data.
: 
: The telecommunications company said Tuesday it had recovered the stolen 
: data at a Montreal home but that it was fairly limited and only included 
: names, addresses, telephone numbers and a list of Bell services the 
: client subscribed to.

This is where the telco needs to come clean. Name, address and phone 
number of listed customers is obviously not any real breach.

That information of *unlisted* customers begins to be more of a concern.

They also need to define "services" here. Does this include DSL service? 
Just POTS services like call waiting?

: "There was no identity material beyond name, address and phone number," 
: Langton added. "(The information is) similar to what you'd find in the 
: white pages or a phone directory."

*Similar*, which does not rule out the possibility of unlisted customers.
_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/dataloss

Tenable Network Security offers data leakage and compliance monitoring
solutions for large and small networks. Scan your network and monitor your
traffic to find the data needing protection before it leaks out!
http://www.tenablesecurity.com/products/compliance.shtml