ADVERTISEMENT

Business

Shell investigation reveals vendor data breach

Published: 

A Shell fuel station in London, on May 5, 2022. (Alastair Grant / AP)

Shell says a cybersecurity "incident" last week targeted a third-party vendor it works with, and not the oil and gas company itself.

Shell launched an internal investigation after it learned of a "potential cybersecurity incident" on May 29.

  • Top business headlines, all in one place
  • The information you need to know, sent directly to you: Download the CTV News App

"Our investigation shows that the data in question did not come from a Shell system, nor was Shell-held customer data exposed," a Shell spokesperson told CTVNews.ca in an email on Thursday.

In the statement, Shell said a vendor who provides the company with "anonymous mystery shopping services" had experienced a data breach.

Shell said the vendor uses a third-party platform to store data related to its mystery shopper contractors, and the data was "exposed" through the third-party platform.

The vendor is contacting impacted individuals and regulatory bodies, Shell said, adding that it will continue to monitor its own IT systems.

With files from CTVNews.ca’s Megan DeLaire