Ontario Cannabis is first past the post for PIPEDA breach disclosure
So Nov 1 the new breach notification requirements came online. I was wondering who would have the honour of the first, and, it seems it might be OCS (wiki). In the CBC story they blame the post office, just like in Friends.
Interestingly tho, one can reverse engineer the customer size. In the article they say ‘4500 people’ were breached, and, this represents 2% of the customer orders that day, implying that the Nov 1 customer order size was 225,000.
Now, who wants to be next and fess up to not having their IT ducks in a row on breach prevention and be in good company?
PS, now is the time to check your order numbers are not sequential. Remember the Olestra and the Bike?