The United Conservative Party's privacy policies were being questioned after a party laptop was stolen out of an employee's car in a parade.
The laptop contains the names, addresses, and contact information of 40,000 UCP members, luckily there was no financial information on the computer but noted there is enough for concern.
The UCP said that although they are not required to, they've informed the privacy commissioner of the incident and an additional 20,000 members whose information was not compromised.
TPRM report: https://scoringcyber.rankiteo.com/company/united-conservative-party-of-alberta
"id": "uni04316223",
"linkid": "united-conservative-party-of-alberta",
"type": "Data Leak",
"date": "01/2019",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'customers_affected': 40000,
'industry': 'Politics',
'location': 'Alberta, Canada',
'name': 'United Conservative Party',
'type': 'Political Party'}],
'attack_vector': 'Physical Theft',
'customer_advisories': 'Informed Additional 20,000 Members',
'data_breach': {'number_of_records_exposed': 40000,
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'Medium',
'type_of_data_compromised': 'Names, Addresses, Contact '
'Information'},
'description': 'A laptop containing the names, addresses, and contact '
'information of 40,000 UCP members was stolen from an '
"employee's car during a parade.",
'impact': {'brand_reputation_impact': 'Moderate',
'data_compromised': 'Names, Addresses, Contact Information',
'identity_theft_risk': 'High',
'payment_information_risk': 'None'},
'motivation': 'Unknown',
'regulatory_compliance': {'regulatory_notifications': 'Informed Privacy '
'Commissioner'},
'response': {'communication_strategy': 'Informed Privacy Commissioner and '
'Additional Members'},
'threat_actor': 'Unknown',
'title': 'Stolen Laptop with UCP Member Information',
'type': 'Data Breach',
'vulnerability_exploited': 'Lack of Physical Security'}