Edmonton man could see private data of other Brinks customers through his home security system — for months

Andrew Kopp was having trouble with the door sensors on his new Brinks home security system.

The Edmonton man — a systems architect for a telecommunications company and self-professed gadget enthusiast — had added a little extra home security when, in October 2021, he signed a 36-month contract for a Brinks system.

But things took a strange turn when he called technical support to troubleshoot those wonky door sensors. 

He told Go Public he signed into his system's online portal "and that's when I noticed that I had a drop-down [menu] to select a whole bunch of addresses." 

There on his screen were approximately 100 other customers' addresses.

Every click of the mouse revealed more of someone else's information: name, address, phone number, emergency contacts and account payment history.

Kopp could even view specific things about other customers' home security systems, like security equipment details and locations of security zones within their homes.

"My reaction is, [this is] kind of crazy. I really don't feel that they're safeguarding other people's information," he said. 

"I wanted to know whether my data was compromised in the same way." 

That remains unclear. Though Kopp did not see his own details on the screen, Brinks has not notified any of the customers who were affected by the leak, which went unfixed for months. 

Brinks says no financial or banking data was included in the leak. 

But one expert says it was still a "very serious privacy breach."

"Of course, it's a breach of security as well," said Ann Cavoukian, a former three-term privacy commissioner of Ontario. 

"It allows people to potentially break into your home and into your information online. Identity theft could result."