Security Shortcomings Caused Toronto Hydro Breach
DATA LOSS—CANADAMarch 30, 2010
The Information and Privacy Commissioner of Ontario has said Toronto Hydro Corporation must fix the "security shortcomings" that led to a breach of its e-billing system last year, the Toronto Star reports. The breach involved a third party's unauthorized access to account numbers for all of Toronto Hydro's 640,000 customers and the use of 179,000 of those numbers to create online billing accounts for customers without their consent, the report states. The commissioner is recommending Toronto Hydro include complex passwords, e-mail address verification and activation codes to improve e-billing security. "The fortunate thing in this case, we haven't seen any evidence it was used improperly," said Assistant Commissioner Brian Beamish.