Toronto Hydro online accounts hacked

Toronto Hydro says it contacted police after detecting atypical activity in its e-billing system. "We saw some unusual activity on our systems, and whenever there is more than the normal use of our system, the system shuts down and notifies IT staff," said David O'Brien, president and CEO of Toronto Hydro.

"What was being accessed was the file that contained the customer account number, their name and address. We're very confident it doesn't go deeper than that, no financial information was obtained," said O'Brien, who noted Hydro was concerned the information might be used to obtain credit card or personal information from customers.

"It's a total outrage when the provincial government has been paying lip service to fighting identity theft and a major public utility has exposed close to 200,000 people to that very sort of thing," said Peter Kormos, NDP consumer protection critic.

Ontario's Information and Privacy Commissioner Ann Cavoukian was notified of the breach and is investigating as well.

"The last bill(s) to 179,000 customers were accessed online," said Bob Spence, spokesman for the office of the Information and Privacy Commissioner. "Any time a privacy investigation is launched, we look at what happened and how it might be prevented."

O'Brien says Toronto Hydro will be sending a letter to each of its 685,000 customers, explaining about the privacy breach. It will not be telling customers if their account information was among those accessed, however.

"We're aware of the situation, and we'll be monitoring developments," said Eric Pelletier, a spokesman for the Ministry of Energy and Infrastructure.