CPA Canada was hit by a cyberattack that exposed personal information from approximately 329,000 individuals.
The attackers accessed contact information, including email addresses, held by the membership organization on its website. According to published reports, the information was largely related to the distribution of CPA Magazine, and CPA Canada said passwords and credit card numbers were not among the compromised information.
"Safeguarding the information in our care is one of our most important responsibilities and we sincerely regret any concern this incident may cause," said Joy Thomas, president and CEO of CPA Canada, in a statement. "We immediately took steps to contain the incident and secure our systems, undertake a thorough investigation to identify those affected, and then notify them of the incident."
CPA Canada said it has notified all the affected members and stakeholders, as well as Canadian law enforcement and the Canadian Anti-Fraud Center.
It also warned members and others to “remain vigilant” about potential phishing emails, text messages and phone calls that may result from the breach, noting that in general it does not contact members directly to ask for personal information.