8fbd035081bd09934004bfc61d79c31c5d5d9ee4

Tagged: lcbo experienced

LCBO customer-data hack resulted from ‘stolen’ credentials at Toronto marketing agency

Open this photo in gallery:

A customer enters an LCBO store on Queen Street West in Toronto on Jan. 11.Fred Lum/the Globe and Mail

A hack of Liquor Control Board of Ontario consumer data was the result of login credentials being stolen by an unknown group that breached an e-mail platform used on behalf of the government-owned retailer by Toronto-based marketing agency Conversion Digital.

Earlier this week, the LCBO told customers that if they had ever signed up to receive promotional communications, their names, e-mail addresses, dates of birth, postal codes and Aeroplan loyalty program numbers have been compromised. Financial information was not affected, the LCBO said. It is not known if this breach was targeted.

The Crown corporation first learned about the situation on Aug. 9, stating that it is “unrelated to the cybersecurity incident the LCBO experienced in January.” Its internal systems, website and mobile application are operating normally, unlike the outages caused by the previous hack earlier this year, the LCBO said, pointing to Conversion Digital as being responsible for the new occurrence.

The system for Conversion Digital is isolated from LCBO networks and contains information that subscribers opt to provide, the liquor retailer said in an e-mailed statement.

But Conversion Digital, which calls itself “one of North America’s leading e-mail marketing agencies,” said a separate, third-party e-mail platform is responsible for the latest hacking incident.

“Stolen” credentials were used by yet-to-be-determined actors, who obtained unauthorized access to that e-mail platform, said Victoria Gray, Conversion Digital’s chief operating officer. She declined to name the e-mail platform, adding that no hackers reached out to Conversion Digital in connection with the credentials.

“Our investigation remains ongoing,” Ms. Gray said. “We have taken steps to further enhance security measures to help prevent a similar occurrence.”

The compromised

Read the rest