A Kamloops property-management company has beefed up its online security following a data breach that saw a hacker steal personal information of clients in an attempt to extort the firm with a demand for bitcoin.
Columbia Property Management owner John Brandon told KTW he was made aware of the situation in late February after receiving an “aggressive” email from a hacker who claimed to have stolen the company’s data.
“They said they wanted money,” Brandon said. “He was trying to blackmail me to pay him. But the breach was fixed the day it happened.”
According to Brandon, the hacker stole a document containing personal data from rental applications made for Columbia properties. The document included names, social insurance numbers, birthdates, driver’s licence numbers and income.
Brandon said Columbia contacted every client whose data was stolen and is offering them free credit monitoring for 12 months.
“That’s the first thing you do,” he said.
“Well, the first thing you do is fix it and contact the police, which we did. Then you contact everyone. We contacted every client that could have been breached. And we’ve changed some of the procedures so they won’t be able to access anything again.”
Kamloops Mounties confirmed to KTW they are investigating the incident, but RCMP Cpl. Jodi Shelkie said there’s not much police can do to track down the hacker.
“As the breach happened through their [Columbia’s] computer system, it is not possible to trace where or how it happened,” she said, citing privacy reasons in declining to offer any further information.
The hacker is still attempting to extort money from Columbia. Last week, some of the stolen data was posted to the visitor’s posts section of KTW’s Facebook page via a fake Facebook profile, but it was removed by newspaper staff.
The post to KTW’s Facebook page’s visitors post section listed a number of names and personal information and linked to a website that showed hundreds more names and personal data. That website has since disappeared.
KTW notified RCMP of the post and website.
Brandon said the incident has been an unwelcome surprise.
“I was sick that they were able to breach our system,” he said. “We spend thousands of dollars on computer systems, but I guess those hackers are pretty smart.”
According to Brandon, Columbia has since strengthened its security online.
“It’s unfortunate that it happened,” he said.
“So we try to figure out how it happened and make sure it never happens again. We spend a big percentage of revenue on computers, website, emails, because if your computer is broken, you’re pretty well hooped.”