Internal data breach discovered at Ikea Canada impacts 95,000 Canadians

Ikea Canada has revealed an internal data breach impacting 95,000 Canadians, Global News has learned.

One of those impacted, Calgarian Arthur Gallant, said he received an email from the retailer last week, advising him his privacy had been breached.

“I was stunned, I was shocked, I was speechless,” he said. “This is the third privacy breach since 2020 that my family has had to deal with.”

Read more: More privacy breaches affect military sexual misconduct class action members

Ikea confirmed the email and the privacy breach to Global News.

Officials also told us the furniture company acted quickly to prevent the data from being used, stored, or shared with any third parties. It also confirmed no financial or banking information was accessed.

Story continues below advertisement

Arthur Gallant questions customer data safety after breach. Global Calgary

Gallant said Ikea’s response was good, but not good enough.

“It’s cold comfort to be told my financial information was not accessed,” he said. “Because the information that was accessed is still pretty private.”

Read more: Calgary consumer questions SkipTheDishes security after ‘account takeover’

How the breach happened

Ikea Canada told Global News it was made aware that some of its customers’ personal information appeared in the results of a generic search made by an employee between March 1 to March 3.

A spokesperson added that the information was accessed by the person using Ikea’s customer database.

“While we can’t speculate as to why the search was made, we can share that we have taken actions to remedy this situation,” Ikea Canada PR leader Kristin Newbigging said.

Story continues below advertisement

Click to play video: 'OPP make two arrests in ‘immunization system breach’' OPP make two arrests in ‘immunization system breach’

OPP make two arrests in ‘immunization system breach’ – Nov 23, 2021

“We have also reviewed our internal processes and reminded our co-workers of their obligation to protect customer information.”

Gallant said it’s scary that employees need to be reminded of that.

“When you think of how many people work for these companies, how many people have access to their systems, it certainly rattles me,” he said.

“How can one person access private, confidential info of 95,000 customers over a three-day period? This is absolutely unacceptable.”

Ikea Canada has submitted a breach report to the Office of the Privacy Commissioner of Canada (OPC).

OPC officials confirmed they are in communication with the company to get more information and determine next steps. They would not say what those steps could be.

Story continues below advertisement

Click to play video: 'Hospital employee fired after ‘significant’ privacy breach' Hospital employee fired after ‘significant’ privacy breach

Hospital employee fired after ‘significant’ privacy breach – Jul 8, 2021

However, OPC did tell Global News during the 2020-21 fiscal year the office received 782 breach reports, affecting at least nine million Canadian accounts.

The privacy commissioner’s office and Ikea Canada advised people to be vigilant about their personal and financial data including advice on how to deal with breaches and how to protect their personal information.

Read more: Calgary police officer charged with snooping on person’s private information

Gallant has already taken steps to secure his information by putting a fraud block on his credit report and he urged others to do the same, despite any assurance from any company.

“Even though the email from Ikea says there is no financial information involved, in today’s day and age I simply can’t trust that.”

Advertisement

© 2022 Global News, a division of Corus Entertainment Inc.

View original article here Source