Chartered Professional Accountants of Canada (CPA) has disclosed a security breach that affects more than 329,000 individuals.
Among the affected individuals are members and other stakeholders. The organization says an unauthorized third party accessed certain personal information through a cyber attack against the CPA Canada website.
The information that was accessed mainly includes details related to the distribution of the CPA magazine. This includes personal information such as names, addresses, email addresses and employer names.
In cases where passwords and full credit card numbers were affected, they were protected by encryption, the organization says.
Affected individuals have been notified that their information could be used in targeted phishing scams. CPA is advising affected individuals to remain vigilant about any emails they may receive asking them to provide sensitive information or click on links or attachments.
The CPA says that once it discovered the breach, it took immediate steps to secure its systems and conduct an analysis to determine what information may have been compromised.
“We immediately took steps to contain the incident and secure our systems, undertake a thorough investigation to identify those affected, and then notify them of the incident,” said Joy Thomas, the president and CEO of CPA Canada, in a press release.
CPA Canada is also in contact with the Canadian Anti-Fraud Centre and the appropriate privacy authorities. The organization says that it is important to note that provincial and regional CPA partners were not targeted in this attack, and that they operate independent websites, portals and systems.
Source: CPA Canada