CPA Canada announced that it was the subject of a cyberattack that exposed personal information from approximately 329,000 individuals.
The attackers accessed contact information, including email addresses, that the membership organization held on its website. According to published reports, the information was largely related to the distribution of CPA Magazine, and CPA Canada said that passwords and credit card numbers were not among the compromised information.
“Safeguarding the information in our care is one of our most important responsibilities and we sincerely regret any concern this incident may cause,” said Joy Thomas, president and CEO of CPA Canada, in a statement. “We immediately took steps to contain the incident and secure our systems, undertake a thorough investigation to identify those affected, and then notify them of the incident.”
CPA Canada said that it has notified all the affected members and stakeholders, as well as Canadian law enforcement and the Canadian Anti-Fraud Centre.
It also warned members and others to “remain vigilant” about potential phishing emails, text messages and phone calls that may result from the breach, nothing that in general it does not contact members directly to ask for personal information.