TQL Data Breach

Jim L

Jim L

Site Supporter
Mar 2, 2009
1,693
2,475
113
Ontario
20
It's tough enough to be a carrier out there lately with broker contracts trying to push every possible negative outcome onto the carrier, insurance claims where a truck was in the vicinity and implicated in an accident, every jurisdiction is looking to increase the cost on tolls, taxes, permits etc. Now this :(

TQL just sent me the following information putting another huge target on the backs of carriers:

Dear Carrier,
We wanted to make you aware that we have uncovered a breach of our IT systems. This breach compromised the security of our online portals for many of our carriers. We believe that external hackers gained access to your tax ID number, bank account numbers, and invoice information, including amounts and dates.
One of our highest priorities has been and continues to be the security of your information, so we have set up several ways for you to get more information. For general FAQs updated with the most recent information, visit www.tql.com/carrierhotline. For additional questions, email our carrier response team at carrierhotline@tql.com. Or you can call our dedicated hotline at 800-822-5980.
We have taken immediate steps to close security gaps in our systems, hired a third-party cyber security firm for additional forensics, and conducted testing to confirm the adequacy of our security protocols. We're also actively working with law enforcement to investigate this breach.
We sincerely apologize for the inconvenience and concern we know this causes you. We would recommend that you contact your financial institution immediately, letting them know your bank information has been exposed. They will be able to advise you on the best next steps to further protect you and your information.
If you have additional concerns, you can visit FTC's website at IdentityTheft.gov.
Thank you for your patience and understanding.
Sincerely,
Kerry Byrne
President/Total Quality Logistics
 
  • Sad
Reactions: Grandpa
At least they're being open and honest about it. We're all still on a learning curve with respect to alot of this technology.. data breaches... scams from India and elsewhere popping up by the minute and dead people friending us on Facebook. It's gonna take awhile..
 
  • Like
Reactions: Nawk
This is happening all over.
Last summer a medium sized carrier from PA was knocked off line by a ransomware attack for about a week.
You can buy the latest in security... but the hackers are always one step ahead.
 
  • Like
Reactions: Shakey
While it's true, as Nawk says, that this seems to be happening all over, carriers and brokers do need to be on the cutting edge of data protection technology. Frankly, it's just not that hard to do, nor as expensive as you might think. Keep in mind that your business life depends on it.
While I would readily admit that any system is not that difficult to get into, done correctly, putting a company out of business should be quite difficult ... even a small company.
 
Forget data breaches and similar things, the easiest way to put my firm out of business is take your wire cutters out and cut our phone lines, then turn off the power disabling our internet. Phoof!!!! We are now out of business! May sound old fashioned but wow, so effective.
 
I'd be more worried about my internet connection than my phone lines. In fact, I'm worried about it enough that we have redundant connections coming in over two different modes and from two different directions with employed failover tech and backup cloud services.
 
Nice work Mike,
We have the same, part of our strategy was to have different modes of internet also (fiber and wireless). So, our TMS is in the cloud but we're old school and still have Bell Canada for phones (because even though my wife is in IT, I still don't trust IP Phones).
Back to Internet, Bell will run fiber to the building for $50k, not a great option. Keep in mind we're a bit in the sticks out here in Georgetown, so we don't have the same options as people in Brampton, Mississauga, etc. Primary is Rogers (100 Mbps/100 Mbps). We're actually getting 100/200. :) Backup option is a wireless solution (antenna on the roof) which is 50 Mbps/50 Mbps in case something should happen to Rogers.
We were forced into this when they redid the road and cut out phone/internet lines several times a few years back. The good news is everyone has a cell phone so it's easy enough to pass around cell phones should that happen again.

Loaders, Look at UPS's in order to give you some time in the event of a brown out if you haven't already, but yes, legnthy power outages would shut us down too.

Keep well,
Mike
 
Funny enough, Rogers is out in our area all morning. We have air-cards we turn on through Bell in this situation to keep us online. We also then have to call rogers to forward the lines to a couple of cell phones.
 
OMFG ... people don't have UPS's ?!?!?!?!?!?
We have a UPS on every client machine, and one on each of the redundant power supplies on the server which are connected to seperate circuits, all of which is backed up by an auto switching Generac gen set powered by natural gas.

We're out in the sticks as well (at least as far as fibre is concerned) so we use wireless that comes off a line-of-sight tower to the north east of us that gives us 15Gbps down and 15Gbps up, unlimited monthly usage ... it's downstream end is fibre. That's backed up on a failover switch by ADSL that comes in from the west at about 768Mbps down and around 256 Mbps up, unlimited monthly usage. Additionally, we can manually redirect the wireless connection to a tower, on a different circuit that is to the west of us, and another to the south of us.

The sad, sad, sad part of all this ... The fibre trunk cable that runs to Turkey Point, St. Williams, and Port Rowan, runs right underneath our driveway ... LOL

As for data protection, I'm not about to give away the store on our configuration but small companies looking for cost effective solutions should look into BitDefender, Malwarebytes, and GFI Essentials for Mail. Additionally contract professional IT services are well worth the cost.
 
  • Like
Reactions: MikeJr
As per the data breach, our TMS is hosted on Amazon, redundant on 3 servers worldwide. For extra protection, we also back up with another method, which I don't want to share on this forum for obvious reasons so I believe we are protected the best we can be. We also don't store any data in the cloud that has to do with account numbers, banking etc so the only info that anyone could steal is our TMS shipment info which would only be useful to our competitors and not so much to hackers.
 
Michael Ludwig said:
OMFG ... people don't have UPS's ?!?!?!?!?!?
We have a UPS on every client machine, and one on each of the redundant power supplies on the server which are connected to seperate circuits, all of which is backed up by an auto switching Generac gen set powered by natural gas.

We're out in the sticks as well (at least as far as fibre is concerned) so we use wireless that comes off a line-of-sight tower to the north east of us that gives us 15Gbps down and 15Gbps up, unlimited monthly usage ... it's downstream end is fibre. That's backed up on a failover switch by ADSL that comes in from the west at about 768Mbps down and around 256 Mbps up, unlimited monthly usage. Additionally, we can manually redirect the wireless connection to a tower, on a different circuit that is to the west of us, and another to the south of us.

The sad, sad, sad part of all this ... The fibre trunk cable that runs to Turkey Point, St. Williams, and Port Rowan, runs right underneath our driveway ... LOL

As for data protection, I'm not about to give away the store on our configuration but small companies looking for cost effective solutions should look into BitDefender, Malwarebytes, and GFI Essentials for Mail. Additionally contract professional IT services are well worth the cost.
Click to expand...
Yes we have battery back up also and use laptops so the laptops are charged for about 8 hours and the battery packs will last another 8 or so.
 
Yes, we have battery pack emergency power for a few of the phone lines. Also, all of the employees have cell phones to receive incoming emails. Perhaps my description regarding 'putting my firm out of business" was a bit extreme. Of course we can operate for a few hours without power or phone lines, but wow, is it ever inconvenient!
 
Michael Ludwig said:
We're out in the sticks as well (at least as far as fibre is concerned) so we use wireless that comes off a line-of-sight tower to the north east of us that gives us 15Gbps down and 15Gbps up, unlimited monthly usage ... it's downstream end is fibre. That's backed up on a failover switch by ADSL that comes in from the west at about 768Mbps down and around 256 Mbps up, unlimited monthly usage. Additionally, we can manually redirect the wireless connection to a tower, on a different circuit that is to the west of us, and another to the south of us.
Click to expand...

WOW, who is your ISP? My house is in the sticks, kind of close to where you are and I don't get anywhere near those speeds. I'd be willing to even pay a premium for a business account for the house just to achieve and maintain consistent reliable quicker speeds.
 
I'm assuming that everyone uses encrypted hard drives for both their live RAIDs and their backup drives?
Your frontline defense against being hacked is the strength of your passwords. An 8 character password consisting of upper and lowercase letters, numbers, and symbols, takes about 45 years to brute force hack on a single computer. A high end GPU will do it that in a few months. A supercomputer, or bot net, will do it in about 4 hours. By contrast, your 4 digit bank card PIN can be hacked, by a single computer, in under 5 minutes.
 
  • Like
Reactions: dad2andrew
I was considering a business account for my home also (because it's dedicated rather than best effort). Apparently they refused to put an antenna on my house.. Too bad though.

We have UPS's on servers and some othere machines. Sucks every 4 years or so when all the batteries need changeing in them.


Keep well,
Mike
 
dad2andrew said:
WOW, who is your ISP? My house is in the sticks, kind of close to where you are and I don't get anywhere near those speeds. I'd be willing to even pay a premium for a business account for the house just to achieve and maintain consistent reliable quicker speeds.
Click to expand...
Silo Wireless
19 Sage Court,
Brantford ON, N3R 7T4
519-449-5656
1-866-727-4138
 
You must log in or register to reply here.
Top Bottom