The Office of the Privacy Commissioner of Canada (OPC) has published the results of its assessment of the various data breach incidents that have occurred over the past year, noting that tens of millions of individuals’ private data have been compromised.
Based on data the OPC gathered from reports by private sector firms, the commissioner revealed in its assessment that over the past 12 months, about 28 million Canadians were affected by a data breach incident. In total, there were 680 breach reports for the year ending October 31, 2019.
The assessment was published a year after the Personal Information Protection and Privacy Act (PIPEDA) came into effect November 01, 2018. Under the regulations of the PIPEDA, companies are required to report breaches to the OPC, when previously it was a voluntary option.
This year’s breach reports number, 680, is about six times the volume the OPC typically received prior to PIPEDA coming into force.
The OPC offered a breakdown of the reported data breach incidents:
“We see these as big numbers, they are bigger than we anticipated, but at the same time it could be the tip of the iceberg,” said deputy privacy commissioner Brent Homan in a statement, adding that the exorbitant data breach numbers could be an indication of a larger problem than has been reported.
Homan also found the numbers “quite alarming,” considering Canada’s population is only 37 million.
“We are really looking at businesses to turn their attention to protecting customers’ information so they can maintain and support trust and faith in their industries,” the deputy commissioner stated.
IT World Canada reported that the OPC’s report actually falls about two million short. Just a day after the OPC report was published, Desjardins announced that the data of all 4.2 million of its credit union customers were affected by the data breach it reported in June. The company originally announced that only 2.7 customers were affected.
