Chartered Professional Accountants of Canada, or known as CPA Canada is a national organization, the largest of its kind in the world, governing and representing the accounting profession in Canada and around the world. They issue guidance, leadership, quality assurance standards for businesses, audits, and financial assurance all across the country and their clients all over the globe.
Just recently, the organization revealed that they have just fallen victim to a cyber attack. An attack that almost crippled operations and affected more than 300,000 members of their association. Cybersecurity researchers that participated in the investigation disclosed that malicious actors initiated the attack against the network servers of the organization, which included the official website – cpacanada.ca.
According to the security researchers, there was a slightly suspicious event back in April where members’ emails were plagued and spammed with notices and warnings. The warnings are for them to change their password immediately to update their account on the official website. A security notice was released immediately following the sudden influx of spam emails. Their local IT personnel suspected a data breach was happening at the time. Still, there wasn’t enough evidence to go on. So they chose to advise all users to ignore such emails and not click on any links not coming from the organization.
Judging from that first incident, researchers believe that it was already the first phase of the much larger intrusion, which was confirmed just this month. The Canadian Anti-Fraud Centre was immediately summoned together with other network forensics experts and security researchers. Other law enforcement agencies were also commissioned to take part in the investigation, maximizing efforts and personally informing all the affected persons about the breach.
CPA Canada has always been considered a whale when it comes to hackers and other threat actors. Aside from being the most extensive accounting organization in the world, its members and clients are among the best and are known to be supporting multinational firms and other international agencies across the United States, Europe, and neighboring continents. This kind of reputation entails millions of valuable data translated to be on their servers at any given time. This is a fact duly acknowledged by the organization itself; that is why they are no stranger to cyber attacks and have always been in a heightened state of alert.
They are in a constant effort to ramp-up and upgrade their protection to safe-keep their precious data against possible intruders, especially hackers. This data breach will be one for the records. Still, until then, the association will continue to fortify itself against cyber threats.