eBay

retroman_studios · ‎08-20-2020

As the title says, Canpar has disabled their site and even advised sellers to cancel shipments.

If you are currently shipping with CanPar they don't think the hack will affect your credentials etc., but I would be aware that this is always a possibility.

Yet another internet hack. It's getting rather boring and predictable.

ypdc_dennis · ‎08-21-2020

From http://www.canpar.ca/

On 19th Aug 2020 Canpar Express was the target of a ransomware attack that impacted some of our systems. We continue to meet most customer shipping needs and we are not aware of any misuse of client information. Out of an abundance of caution we want to make our clients aware of the incident, should you be experiencing any issues.

-..-

retroman_studios · ‎08-21-2020

I ordered a new tablet for myself, it was to be delivered using CanPar and the seller was advised to cancel his shipping. He called in.

So he's sending it via UPS.

FWIW. 😕

reallynicestamps · ‎08-21-2020

@retroman-studios
Within Canada I hope.
There's a years long archived complaints post about UPS .

retroman_studios · ‎08-21-2020

Yeah seller is in Toronto area.

darak10 · ‎08-21-2020

so they are aware of ransomware attack, which meant the cyber criminals managed to gain both access and control of internal software & hardware infrastructure including the actual drives where corporate information is stored, but (to paraphrase their statement) they aren't aware if any client information was misused?

are they serious???????

I haven't checked Donald Trump's twitter feed today, but this will with almost complete certainty be the dumbest thing I've read all day. I know they are in damage control mode, but their statement is frightfully disingenuous.

ypdc_dennis · ‎08-21-2020

@darak10 wrote:
... but (to paraphrase their statement) they aren't aware if any client information was misused?
are they serious???????

It depends what part of Canpar's system was compromised and what type of ransomware attack they had. They could be whistling in the wind or telling the truth. Hard to tell without more details.

* https://www.csoonline.com/article/3212260/recent-ransomware-attacks-define-the-malwares-new-age.html

* https://www.crn.com/slide-shows/security/the-11-biggest-ransomware-attacks-of-2020-so-far-

* https://www.malwarebytes.com/ransomware/

-..-

travis7s · ‎08-22-2020

Companies almost always downplay breaches and how serious they are. I would say there is a good chance customer data has been stolen as you can sell that sort of thing on the darknet.

I've never been of Canpar, their pickups are unreliable and they consistently overcharge for my shipments, this is just another reason not to use them.

ypdc_dennis · ‎08-22-2020

August 22: Canpar still out of action.

https://montreal.ctvnews.ca/customers-complain-of-delays-after-ransomware-attack-on-delivery-company...

I wonder what impact this will have on current contract negotiations with the Teamsters.

---

From reddit website:

this outage looks bigger than just Canpar. There's a company called TForce that keeps buying up the smaller courier companies in Canada (they've owned Canpar for years).

Loomis Express - https://www.loomisexpress.com/
ATS Solutions - http://www.atssolutions.ca/
ICS Courier - http://www.icscourier.ca/
TForce Integrated Solutions - http://www.tforce-solutions.com/

All of those companies are owned by TForce, and all of their websites are down right now.

-..-

retroman_studios · ‎08-23-2020

It's a good thing I alerted the seller when I did, that would be terrible if my new device was held hostage by an outage or whatever they want to spin this as.

Most companies like TForce run very poorly managed IT resources, they are so busy cheaping out and low balling, they give no real consideration to a threat until it's too late.