In 2010, under the Personal Information Protection Act, Alberta became the first jurisdiction in Canada to require breach notification from private sector organizations where there exists "a real risk of significant harm" to an individual as a result of the loss or unauthorized access to or disclosure of personal information.
The Commissioner publicly makes available the decisions where a real risk of significant harm was identified and notification to affected individuals was required. Decisions where there was no real risk of significant harm identified are not published.
Note: The search function for the table is limited to the content in the table, such as body name and summary. It does not scan all PDFs. However, the general search function in the top navigation of the website scans PDFs during a search.
Although the OIPC makes every effort to ensure that all information posted on the website is accurate and complete, the OIPC cannot guarantee its integrity. If there is any discrepancy between the information posted on our website and the original paper versions, the original paper document is authoritative.
|P2017-ND-85||Jun 20 2017||Hilton Worldwide Inc.|
|Summary: The organization's intrusion detection system identified potential malware activity on three... [More]|
|P2017-ND-84||Jun 20 2017||Hilton Worldwide Inc.|
|Summary: The organization was notified by a service provider of potential malware activity targeting its... [More]|
|P2017-ND-82||Jun 19 2017||Society for Industrial and Applied Mathematics|
|Summary: The organization learned that personal information of one member that was stored on the computer... [More]|
|P2017-ND-81||Jun 19 2017||Water Environment Federation|
|Summary: A third party vendor, which assists with the organization's membership renewal outreach, informed... [More]|
|P2017-ND-80||Jun 19 2017||Rifco National Finance Corporation|
|Summary: An employee of the organization sent an email message to the email addresses of approximately 300... [More]|
|P2017-ND-79||Jun 19 2017||FPInnovations|
|Summary: An employee of the organization mistakenly saved an electronic spreadsheet containing personal... [More]|
|P2017-ND-78||Jun 14 2017||Specialty Equipment Market Association|
|Summary: The organization learned that one of its vendors had been the victim of a potential computer... [More]|
|P2017-ND-77||Jun 12 2017||Trailer Wizards Ltd.|
|Summary: An employee with the organization discovered that she had access to employee files she did not... [More]|
|P2017-ND-76||Jun 12 2017||ABOE Lockworks Ltd.|
|Summary: One of the organization's vehicles was stolen outside an employee's home. The vehicle was... [More]|
|P2017-ND-75||Jun 9 2017||Silver Bridge Funding, Inc., operating as Universal Business Team|
|Summary: Hackers inserted malware into the software supporting the organization's website. The organization... [More]|
|P2017-ND-74||Jun 9 2017||KURU Footwear|
|Summary: The organization discovered that it was the victim of a cyberattack that resulted in the potential... [More]|
|P2017-ND-73||Jun 9 2017||Char-Broil, LLC|
|Summary: The organization discovered that an unauthorized third party uploaded malicious computer code to... [More]|
|P2017-ND-71||Jun 7 2017||WP Technology Inc.|
|Summary: The organization identified an unauthorized user in its computer system. The attack was identified... [More]|
|P2017-ND-70||Jun 7 2017||Southern Michigan Bank & Trust|
|Summary: A vehicle belonging to an employee of the organization was burglarized in the United States. A... [More]|
|P2017-ND-69||May 31 2017||RM Acquisition, LLC d/b/a Rand McNally|
|Summary: The organization confirmed there was unauthorized remote access to its e-commerce store server. The... [More]|
Copyright 2017 OIPC. All rights reserved.