P2015-ND-34

Between May 2014 and June 5, 2014, an unauthorized individual gained access to the Organization?s database containing personal information. The Organization was notified of the incident by one of its dealers whose customers? information was compromised. The intruder used a developer?s account on a business application (web portal) to access the database. The intruder collected the credit card numbers and card verification codes of three individuals, as well as the Social Insurance Number of one individual. Unauthorized purchases were made using the credit cards numbers.

File Type: pdf
File Size: 173 KB
Categories: 2015