Bell Canada has started informing customers that their personal data has been compromised in a breach that reportedly affects up to 100,000 individuals.
Bell told customers that their names and email addresses were aaccessed by hackers, but the company said in an emailed statement that the attackers also obtained phone numbers, usernames and/or account numbers for a limited number of people. The telecoms company, however, says there is no evidence that credit card or banking information has been compromised.
In response to the incident, Bell has implemented additional authentication and identification requirements for accessing accounts. The company has also advised users to frequently change their password and security questions, and regularly review their financial and online accounts for unauthorized activity.
“The protection of consumer and corporate information is of primary importance to Bell,” John Watson, Executive Vice-President of Customer Experience at Bell Canada, told customers. “We work closely with the RCMP and other law enforcement agencies, government bodies and the broader technology industry to combat the growth of cyber crimes.”
Lisa Baergen, marketing director with Vancouver-based NuData Security, a Mastercard company, pointed out that even limited information such as names and email addresses can be useful to malicious actors.
“We all know bad actors are very talented at preparing fraud schemes with that information, such as phishing scams or dictionary attacks – where fraudsters try certain common passwords based on the user’s personal information,” Baergen said.
“Bell is doing the right thing by evaluating the extent of the damage and keeping customers updated,” she added. “However, to avoid damage after a breach, companies that share clients with Bell can consider applying multi-layered security solutions based on passive biometrics to protect their business and their customers from account takeover of another type of fraud. Online security technologies that evaluate a user or a transaction based on their behavior and not only on their – potentially stolen – static information, thwart all fraudulent attempts that inevitably come after a data breach.”
This is the second time Bell Canada has informed customers of a data breach. In May last year, the company admitted that approximately 1.9 million active email addresses and roughly 1,700 names and active phone numbers were accessed by a hacker.
Bell told SecurityWeek that the latest incident is unrelated to the cyberattack disclosed in May.
*Updated with information from Bell, including clarification that the two incidents are not related
Related: Breach at PayPal Subsidiary Affects 1.6 Million Customers
Related: Nissan Canada Informs 1.1 Million Customers of Data Breach

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- Intel Boasts Attack Surface Reduction With New 13th Gen Core vPro Platform
- Dole Says Employee Information Compromised in Ransomware Attack
- High-Severity Vulnerabilities Found in WellinTech Industrial Data Historian
- CISA Expands Cybersecurity Committee, Updates Baseline Security Goals
- Exploitation of 55 Zero-Day Vulnerabilities Came to Light in 2022: Mandiant
- Organizations Notified of Remotely Exploitable Vulnerabilities in Aveva HMI, SCADA Products
- Waterfall Security, TXOne Networks Launch New OT Security Appliances
- Hitachi Energy Blames Data Breach on Zero-Day as Ransomware Gang Threatens Firm
Latest News
- Tesla Hacked Twice at Pwn2Own Exploit Contest
- CISA Ships ‘Untitled Goose Tool’ to Hunt for Microsoft Azure Cloud Infections
- Critical WooCommerce Payments Vulnerability Leads to Site Takeover
- PoC Exploit Published for Just-Patched Veeam Data Backup Solution Flaw
- CISA Gets Proactive With New Pre-Ransomware Alerts
- Watch on Demand: Supply Chain & Third-Party Risk Summit Sessions
- TikTok CEO Grilled by Skeptical Lawmakers on Safety, Content
- CISA, NSA Issue Guidance for IAM Administrators
