Koodo security incident / compromised data

FieroAlex

Legacy Member
I received this email from Koodo yesterday and I've been running around changing passwords left, right and center. Has anyone else received this email, and if so, what are you doing to keep your accounts safe? I'm honestly not too confident in Koodo's "No Port protection" and I'm wondering, other than changing the account password and PIN, is there anything else I can do? Should I resort to changing my phone number for my account to be safe?

------------------------

We recently detected a security incident impacting your account information.

What happened: On February 13, 2020, an unauthorized third party using compromised credentials accessed our systems and copied August/September 2017 data that included your mobility account number and telephone number. It is possible that the information exposed has changed since 2017, in which case your current information is not compromised.

What we are doing: We acted quickly to prevent further unauthorized access. Some customers could have been at risk of unauthorized number porting, where a fraudster could use the compromised information to gain control of a customer’s phone number by moving it to another carrier. This would mean that the fraudster would receive your calls and texts. To prevent this, we have applied port protection on your account. Port protection is a feature that prevents the porting of your number to another carrier unless you call us first. If you’d like to have this feature removed, please contact us.

We have found evidence that the unauthorized third party is offering the information for sale on the dark web. With port protection in place, we do not believe that your information could be used for any fraudulent purposes. Nevertheless, we have reported this incident to Law Enforcement and the Office of the Privacy Commissioner of Canada and we are working closely with them on this matter.

What you can do: As always, be diligent in monitoring your online accounts and email for any suspicious activity. Ensure that you do not reuse the same login credentials across different accounts, and use passwords that are difficult to guess. We also recommend that you not register your mobile telephone number on online accounts. If you have done so, you may want to remove it and use an alternative method to receive One Time Passcodes or 2 Factor Authentication codes.

If you have any questions, please contact us at 1 866 995 6636, Monday - Sunday, 9:00 a.m. - 10:00 p.m. ET. At Koodo, we believe customer privacy is of the utmost importance. We are taking this matter very seriously. We remain committed to protecting your privacy. We sincerely regret any inconvenience or concern this may cause and look forward to continuing to serve you in the future.

Sincerely,

Jim Senko President, Mobility Solutions
 
I'm with Koodo as well. I have not received this e-mail from them but there was fraud in my account a few weeks ago. Two brand new phones were bought with $65 plans and some extra shit and I couldn't use mine anymore.

They declared the phones stolen and I changed my password and also my pin. Problem resurfaced a week after. No purchases were made this time (although someone tried to unsuccessfully log into my online account) but my sim card wasn't working and had been associated with another phone again. So I went to the store and had it changed.

In my case, at least one of the culprit(s) has to be an "insider" because they ask for an ID (driver's license in my case) when you make purchases in store. So no matter how I try to "secure" my account, I don't think it will ever be truly safe.

In your case, they seem to be saying that only your 2017 information has been compromised. If that's really the case, then I guess changing your passwords and pin will help. If you still have the same sim card you had in 2017, I'd also recommend changing it just in case.
 
Well I spent 50 minutes on the phone with Koodo the other day and we changed my password, pin, added a security question and they added port protection.

After thinking about this for a few days I still didn't feel safe, so I bit the bullet and changed my phone number. It's such a hassle to update my number everywhere, especially since I had the last one for 12 years. Hopefully changing the phone number should keep me safe for a while.

Here is a link on the situation at Koodo:

https://www.bleepingcomputer.com/ne...e-announces-data-breach-stolen-info-for-sale/
 
BTW, Koodo are super misleading in their International Roaming plan. We are fighting with them over a +/-400$ bill my gf got following our trip this winter.

What's worse is we removed the SIM card from her phone and used a local SIM card and yet, they are still trying to charge us.

They go as far as saying that the 12$/day Easy Roam International does not include data... or exclude "some types" of data.

Fuckin bullshit company.
 
I agree. The quality of the service has gone downhill fast. Koodo used to have an email address and you could email them with concerns. I've used it several times over the past 12 years and my issues were always resolved, and they would often throw in free upgrades like free US texting when I was having roaming issues.

This year I noticed that they no longer have email, they no longer have a phone number for customer service... they are pushing this bot-controlled help desk that never once came up with an appropriate solution to my problems or a "call back" system for customer service. I'm sure they've also moved their call center overseas, probably the Philippines from the sounds of it.

Unfortunately they are by far the best rate plan available in my area, no other provider in my area even comes close to my plan so I stick with them.

I'm surprised you had issues with international roaming. For both of our trips in Japan we didn't get any roaming charges and I didn't even remove my sim card. I guess that we got lucky!
 
The plot thickens, they also charged her 75$ to activate call forwarding for two weeks.
 
This year I noticed that they no longer have email, they no longer have a phone number for customer service... they are pushing this bot-controlled help desk that never once came up with an appropriate solution to my problems or a "call back" system for customer service.

I've noticed that as well. Seems like they are making it harder and harder for us to contact them directly. When I got the fraud incident a few weeks back, I was at work and got mad because I couldn't find the customer service number. I simply couldn't believe it and thought I was perhaps just too stupid to find it or something. I finally managed to find the number and was able to contact them. It's there but it's kind of like a puzzle game. You have to find the secret link to the number for it to be awarded to you.

1-866-995-6636
 