Capital One breach the latest example of the growing risk of data hacks

TORONTO — This week’s massive Capital One data breach is the latest in a string of cyberattacks that experts say are becoming larger and more frequent, as corporations hold more personal data in online repositories that are a treasure trove for hackers.

“There’s definitely a rise in personal data theft, there’s a rise in data breaches,” said Claudiu Popa, a cybersecurity expert with Datarisk Canada.

The Capital One breach exposed the data of about six million Canadians, including about a million social insurance numbers. The company says it will start to notify affected Canadians next week either by letter or email.

The incident also exposed the data of roughly 100 million U.S. clients, including about 140,000 Social Security numbers and 80,000 linked bank account numbers.

In addition to credit card application data such as phone numbers, email addresses, dates of birth and self-reported income, the hacker was also able to access credit scores, credit limits and balances, as well as fragments of transaction information from a total of 23 days in 2016, 2017 and 2018.

The breach comes about a month after Desjardins Group said personal information from more than 2.9 million of its members was stolen, while major data breaches from Equifax, Marriott Hotels, Uber and other companies have exposed consumer data in the past few years alone.

A recent IBM study found that companies globally have a 30 per cent chance of experiencing a data breach within two years, up from 23 per cent in 2014.

Part of what’s making these breaches more common is that companies are collecting so much more information and thinking up new ways to make use of it, said Popa.

“It’s almost harder for us to anticipate what legitimate businesses are going to think up doing with the information that, for the most part, they over-collect, rather than for us to keep ahead of criminals.”

The trend to over-collect and hoard data should prompt customers to ask questions including how soon they will dispose of data, said Popa, given that the Capital One breach included credit card applications going as far back as 2005.

Customers should remember they can influence company policies, even if the hacks start to feel inevitable, he said.

The apparent inevitability of such attacks has, perhaps ironically, also made some consumers more blase.

“Unfortunately many people are jaded and desensitized because of the prevalence of all these attacks. It seems like it’s happening on a weekly basis, it seems like they are powerless to prevent them,” Popa said.

Data hacks and cybercrime, however, shouldn’t just be accepted, said Daniel Tobok, chief executive of Cytelligence Inc.

“It’s happening more and more, but it doesn’t mean it should be normalized or we should get used to it as just another day at the office. This is a problem.”

He said part of the problem is that Canadian regulations lack teeth and present limited options to fine companies, while jurisdictional issues make it hard to track and prosecute the thieves.

Another issue is that the thefts can be quite profitable, said Tobok.

“The real reason why there’s more and more breaches is because it’s extremely lucrative for the cybercriminals.”

The rise in data hacks has coincided with a rise in cybercrimes reported to police. Cyber-related fraud, for example, climbed from 7,332 incidents in 2014 to 16,422 last year according to Statistics Canada.

Companies need to be pressured to more proactively protect data through encryption and investigations, as too few are making the proper investments, he said.

“There’s still a feeling of it’s not going to happen to us,” said Tobok.

Criminals are also staying steps ahead of attempts to safeguard databases, said Iman Sharafaldin, a researcher at the Canadian Institute for Cybersecurity.

He said powerful automated tools and more access to information make it harder to stop breaches.

“Nowadays you can learn hacking stuff by searching YouTube videos.”

Given the challenges of safeguarding data, experts recommend that customers should think carefully before handing over any information to companies.

In the Capital One breach, for example, social insurance numbers from a million Canadians were stolen — even though the number isn’t required in a credit card application.

Just Posted

WATCH: Parkland Garden Centre hosts weekly Craft and Market Sale

A weekly event hosted by the Parkland Nurseries Garden Centre gives Red… Continue reading

Red Deer region’s unemployment drops in November

Provincially and Canada-wide November jobless rate increased

Red Deer loses out on funding for addiction clinic

$8 million divided among eight communities

Man accused in toddler son’s death inept parent, not murderer: defence

EDMONTON — A defence lawyer says a man who is accused of… Continue reading

Feds approve Alberta’s carbon tax on big industrial emitters

OTTAWA — The federal government is giving the Alberta government a passing… Continue reading

Fashion Fridays: Ethical and sustainable gifts for the season

Kim XO, helps to keep you looking good on Fashion Fridays on the Black Press Media Network

Your community calendar

Friday The Annual Old-Fashioned Country Christmas is being held Dec. 13 at… Continue reading

Woman, 58, dies after two vehicles collide with the same deer

NEEPAWA, Man. — RCMP say a 58-year-old woman is dead after a… Continue reading

B.C. treaty commissioner expects UNDRIP bill to speed treaty talks, more deals

VICTORIA — The often bumpy and slow path toward treaty making in… Continue reading

‘Kids will fall through the cracks:’ Advocates critical of child-welfare changes

WINNIPEG — Advocates for children and First Nations say the federal government… Continue reading

‘Mexico, US, Canada trade talks continue in Washington

WASHINGTON — Mexico’s top trade negotiator wrapped up an 11-hour meeting with… Continue reading

Singh reiterates support for Fredericton abortion clinic fighting to stay open

FREDERICTON — NDP Leader Jagmeet Singh visited a Fredericton abortion clinic today… Continue reading

No winning ticket for Friday night’s $21 million Lotto Max jackpot

TORONTO — No winning ticket was sold for the $21 million jackpot… Continue reading

Somber ceremony recalls those killed in Pearl Harbor attack

PEARL HARBOR, Hawaii — More than 2,000 people attended a ceremony Saturday… Continue reading

Most Read