The Organization provides services and web-based software for childcare centres, organizations and agencies across Canada. On May 4, 2017, the Organization received a telephone call from a childcare centre in Manitoba indicating that a third party, while searching on the internet for a telephone number, was able to gain access to a report (a PDF file) containing the personal information of a child from that centre.
The Organization investigated and found the breach was caused by an unsecured folder residing on the Organization?s servers. The URLs of those reports were exposed by MS Internet Explorer on Microsoft Windows 10. When a client retrieved its report using the MS Internet Explorer browser on Windows 10, the browser registered all those URLs and sent them to Bing. Later, a Bing crawler indexed only those reports and not all reports residing on the server. All information was recovered and is no longer available on the internet as of May 9, 2017. The incident occurred between February 25, 2017 and May 10, 2017.
P2018-ND-022
File Type:
pdf
File Size:
336 KB
Categories:
2018