Mountain Equipment Co-operative

On or about April 11 and 12, 2018, the Organization detected a significant number of attempted log-ins to its website, www.mec.ca, originating from a botnet. The botnet attempted to log into the website using numerous email addresses and passwords, which were not obtained from the Organization. More than 99% of the log-in attempts were unsuccessful because the email addresses were not known to the Organization. The Organization is unable to confirm precisely how many of its members had their online accounts accessed by the botnet; however, it believes that 27 Alberta members may have had their online accounts accessed. Of these, only 3 members had credit card information (last four digits only) stored on their account profile. The incident was discovered April 11, 2018 by the Organization?s web administrators, who noticed an unexpected increase in traffic and subsequently identified the botnet activity.

File Type: pdf
Categories: 2018
Tags: Unauthorized access