CBA Security Breach

Via Michael Geist:

The CBA is reporting a security breach of their computer system:

An audit of the CBA online web systems has revealed unauthorized third party access to the system during the recent holiday period.

Immediate steps were taken to further enhance the security of the site, and those whose records were potentially affected are being notified of this unauthorized activity.

The CBA takes the privacy of members very seriously and has taken appropriate steps to ensure that this type of incident does not happen again.

Michael quotes them as telling members:

Your records may have been affected by this unauthorized activity. The files contained personal information relating to online orders (name, address, phone, fax, member number) and encrypted credit card information. We have no reason to believe that the encrypted credit card information was compromised. CBA uses one of the most secure encryption solutions available to protect credit card information. As a precautionary measure, we recommend that members monitor their credit card accounts for suspicious activity.