APEGA experienced a significant data breach this morning at 11:45 a.m.

75,000 Member records consisting of first name, last name, Member ID, and email addresses were given to an unknown party because of a phishing event. No credit card information or passwords were released.

If you receive ANY emails that appear to be from APEGA DO NOT RESPOND. Do not provide or confirm any personal information such as your Member ID, credit cards, or passwords.

We apologize for this significant breach in privacy and are currently focusing all of our efforts on preventing any further occurrence.

As a precaution, we are temporarily suspending access to the Member Self-Service Centre.

Further information will be posted on our website as it becomes available.

https://youtu.be/F7gsAyzPgSk

Did the idiot colleague who facilitated the breach get fired? I hope so.

In the midst of applying for my P.Eng, part of the application involves uploading a copy of your birth certificate >_> going to try and phone them tomorrow and see if this would be affected too FFS

Figures that engineers have the worst security.

I'm always worried that someone is going to hack the BC Freeminer claim locations.

I mean really, why is it that in the year 2015 you still have to buy ten different claims in random locations just to hide one that is a gold mine from prying eyes.

Originally posted by pheoxs
In the midst of applying for my P.Eng, part of the application involves uploading a copy of your birth certificate >_> going to try and phone them tomorrow and see if this would be affected too FFS

My application is in progress as well, can you please post your findings in this thread?

Hopefully they have this shit wrapped up soon, I wanna be done with this application haha.

...

Originally posted by Sugarphreak

it is only called a breech because nobody paid for it this time.

Wait a sec, are we talking about whales or computers here? I'm confused now.

The problem is all this info, which i suppose was all available on the registry anyways, and a spoofed apega email could lead people to give away CC numbers to make dues payments over email or something stupid. Alot of members are older and might not know better.

The service center is likely offline to prevent them trying to access peoples accounts ( because of how many people likely use stupid passwords related to their names or 1234 kind of things) now that their member numbers are posted. I think the only serious dissemination is the member numbers as i cant remember if they are publicly available or not.

They are just doing their diligence and things will likely be back to normal with a few more internal policies and checks for them in no time.

I was worried at first because I am in the middle of my application process so I had uploaded my birth certificate. I went to go continue the application when I noticed the members self serve was down. When I called them all they told me was "oh ya we are having some computer problems today".

Really hoping it is, in fact, just names and emails and nothing more.

Originally posted by schurchill39
I was worried at first because I am in the middle of my application process so I had uploaded my birth certificate. I went to go continue the application when I noticed the members self serve was down. When I called them all they told me was "oh ya we are having some computer problems today".

Really hoping it is, in fact, just names and emails and nothing more.

When did you call? Their hours said they open at 830, so I tried just now and no one answered any of the numbers or extensions, just went to voicemail.

Guessing they have a few folks calling today, so it may be a little tough to get in touch with them.
Maybe call tomorrow.

They called back regarding my voicemail, she said nothing with regards to the application, nor any addresses were leaked. The only thing compromised was first/last name, member number, and email addresses.

Here's hoping thats the case

Well that escalated quick. My friend just told me two of his friends have been contacted.


- A person with a Russian accent called asking to confirm credit card information for some engineering newsletter.

- A call for free identity theft protection and just needed to confirm SIN and date of birth.

Originally posted by triplep
Well that escalated quick. My friend just told me two of his friends have been contacted.


- A person with a Russian accent called asking to confirm credit card information for some engineering newsletter.

- A call for free identity theft protection and just needed to confirm SIN and date of birth.

They never said anything about phone numbers being leaked...?

Originally posted by pheoxs
They never said anything about phone numbers being leaked...?
If you register your work email as [email protected], it's not that hard to call reception at Campbell's Soup to be connected to Joe Schmoe ;)

Originally posted by pheoxs
They never said anything about phone numbers being leaked...?

Phone numbers, if members chose to list them, are accessible via the normal member directory which is open to the public to view.

Meh, I've already started getting spam most probably because of this leak.

I did find it mildly amusing that their name starts with 'Bogus...'



From: Boguslawskaya Nastya

Hello,

I am an open and sweet lady, who wants to get acquainted with a good man. I am beautiful, gentle and benevolent person.
I like to spend time in nature and to enjoy simple things. My ID: - http://<blanked out>
I adore sunsets and sunrises sun, waterfalls and rocks. Also I like walks and spending time with friends.

I would like to meet a caring, and kind man. Maybe it's you?
Regards, Nastya.


Unfortunately, I don't like sunsets, sunrises, sun, waterfalls, nor rocks....

Started with spam emails, now I'm getting phone calls too from the 'CEO of Apega' with a foreign number from Europe (Do business over seas so can't just auto ignore calls from other country codes :banghead: )

i got a "CEO from APEGA" call just now saying they have system under control and can communicate thru emails again. Number was (780) 426-3990 on my display so maybe legit?

I keep getting the tax refund and royal bank emails. Like 3 a day. Littered with spelling errors and I went and put in a wicked email like [email protected] learnto spell for a name and it logs me in lol

Not sure what apega would need to email or contact you about anyways. Their newsletters are a joke.

Apega is just one of those things i deal with once a year and try to pretend doesn't exist for the next 12 months..

Kindof like my in laws.

Originally posted by theken
I keep getting the tax refund and royal bank emails. Like 3 a day. Littered with spelling errors and I went and put in a wicked email like [email protected] learnto spell for a name and it logs me in lol

Is your tax "refound" for about $411 ish? I've been getting a bunch of those. Thanks APEGA

Originally posted by nitram
i got a &quot;CEO from APEGA&quot; call just now saying they have system under control and can communicate thru emails again. Number was (780) 426-3990 on my display so maybe legit?
Yea I missed the call so when I called back to reception that's what she said it was, to say they're emailing again.

I got a call from "....CEO, P.Eng"

:rofl: I love how APEGA thinks people actually give a shit.

"Hey it's your family doctor, John Smith MD, calling about your test results"

This better not slow them down on approving my P. Eng application. The retards