In 2010, under the Personal Information Protection Act, Alberta became the first jurisdiction in Canada to require breach notification from private sector organizations where there exists "a real risk of significant harm" to an individual as a result of the loss or unauthorized access to or disclosure of personal information.
The Commissioner publicly makes available the decisions where a real risk of significant harm was identified and notification to affected individuals was required. Decisions where there was no real risk of significant harm identified are not published.
Note: The search function for the table is limited to the content in the table, such as body name and summary. It does not scan all PDFs. However, the general search function in the top navigation of the website scans PDFs during a search.
Although the OIPC makes every effort to ensure that all information posted on the website is accurate and complete, the OIPC cannot guarantee its integrity. If there is any discrepancy between the information posted on our website and the original paper versions, the original paper document is authoritative.
|P2019-ND-201||Dec 16 2019||ABCU Credit Union Ltd.|
|Summary: An envelope containing a document that was intended to be sent to an address in Toronto was found... [More]|
|P2019-ND-200||Dec 16 2019||Moodys Gartner Tax Law LLP|
|Summary: Thieves stole a number of items from the organization's Calgary office, including a duffel bag... [More]|
|P2019-ND-199||Dec 16 2019||SGI Canada Insurance Services Ltd.|
|Summary: An independent adjuster, working on behalf of the organization, had a briefcase stolen from the... [More]|
|P2019-ND-198||Dec 16 2019||Citrix Systems Canada Inc.|
|Summary: The organization discovered cyber criminals gained network access and removed files from the... [More]|
|P2019-ND-197||Dec 16 2019||SNC-Lavalin Inc.|
|Summary: The organization discovered that an unknown and unauthorized third party gained access to the... [More]|
|P2019-ND-196||Dec 16 2019||Young Women's Christian Association of Banff|
|Summary: A client's file was lost after a staff member was updating the file. The incident affected one... [More]|
|P2019-ND-195||Dec 16 2019||Lancaster Archery Supply, Inc.|
|Summary: Certain payment card information of customers on the organization's websites was compromised. The... [More]|
|P2019-ND-194||Dec 13 2019||Standard Nutrition Canada Co., owned by Sollio Agriculture, a division of La Coop federee|
|Summary: An employee's email account was accessed by an unauthorized individual through a phishing scam... [More]|
|P2019-ND-193||Dec 13 2019||Vitalize, LLC|
|Summary: Unauthorized activity on the organization's systems was traced to a phishing email. The incident... [More]|
|P2019-ND-192||Dec 13 2019||Tacony Corporation|
|Summary: The organization confirmed that code inserted into its online store was capable of capturing... [More]|
|P2019-ND-191||Dec 13 2019||Emco Corporation|
|Summary: One of the organization's employees had their email account accessed by an unauthorized individual.... [More]|
|P2019-ND-190||Dec 13 2019||Cervus Equipment Corporation|
|Summary: An unauthorized individual gained access to one of the organization's employee email accounts. The... [More]|
|P2019-ND-189||Dec 13 2019||Haws Corporation|
|Summary: The organization experienced a ransomware attack and it was unable to conclude whether personal was... [More]|
|P2019-ND-188||Dec 13 2019||Teck Resources Limited|
|Summary: A recruiter for the organization inadvertently scanned six sets of interview notes and a resume,... [More]|
|P2019-ND-187||Dec 13 2019||Microsoft Corporation|
|Summary: A call centre support supervisor who worked for a company providing support services to the... [More]|
Copyright 2020 OIPC. All rights reserved.