Incidents are matters that the Office of the Privacy Commissioner learns of from various sources. The source can be the media or an organization that has raised a privacy concern with the Office. Frequently, a victim is not identified and a complaint has not been filed with the Office.
The Office conducts an investigation into the incident and summaries of noteworthy incident investigations will be posted as appropriate.
- Incident Summary #10: Cable provider removes personal information posted online of customers with overdue accounts
- Incident Summary #9: Online contest database hacked
- Incident Summary #8: Customer Invoices of Office Supply Company Available in Unsecured Form Online
- Incident Summary #7: Highway litter turns out to be customer data from company
- Incident Summary #6: Permanent verification controls put in place to prevent accidental disclosure of personal information when printing credit cards and accompanying letters for clients
- Incident Summary #5: Life insurance company employs best practices in responding to mass mailing error that risked exposing personal information
- Incident Summary #4: Service provider inadvertently discloses email addresses of nearly 300 customers in mass email
- Incident Summary #2: CIBC's privacy practices failed in cases of misdirected faxes
- Incident Summary #1: Misdirected faxes containing health information end up in apartment managers' hands
- Web site broadcasts cell phone conversations
September 17, 2001
- Transportation company collects and discloses passengers' personal information
April 20, 2001