A Canadian exchange site is shutting down in the wake of a data breach.
The Bicycling Network says it received the data in an attempt to sell it to a Chinese cyber criminal.
The site, BN, says it lost $250,000 in the breach.
In a blog post, the company said that the data is being held in a secure facility.
“We are in the process of obtaining the appropriate data security certificates and are in discussions with our insurance provider to secure access to that data, which will provide us with additional confidence that we have no intention of disclosing this information to anyone else,” the post says.
“There is a chance that this data will be stolen and sold to a third party.”
In a statement on its website, the Canadian Bicycles Exchange said it received information from a cybersecurity firm on June 14 that revealed “several million credentials” had been compromised.
It added that the information had been sent to an insurance company, which has taken it offline.
BN said that although it had been working with the insurance company to secure the data, it has no plans to sell the data.
The website says it has received an undisclosed number of complaints about its security.
“BN is committed to protecting our users from any unauthorized access to their personal information,” the statement said.
It also said that BN was working to “ensure the safety and security of our customers, and to ensure a robust cybersecurity system.”
The website of the Canadian exchange BN posted a statement to its website.
“As soon as we were informed of this breach, we immediately suspended all operations of BN,” the site said.
The company said it had contacted the Insurance Corporation of British Columbia and BCIT, which is investigating.
“The company has confirmed with the BCIT that there are no active investigations in B.C.,” the statement read.
BCIT said it would not comment on its investigation.
The BC Cybersecurity Alliance, a trade association of companies and universities that promotes cyber safety, issued a report on May 28 saying that BCIT was “investigating” the breach and that the organization “will have a complete view of the incident.”
It said the BC Cyber Security Alliance also had “a formal complaint against BN regarding the breach.”
A spokesman for BCIT told The Hill the company had not received any formal complaints and was working with regulators and insurers to “proactively identify any additional data that may have been compromised.”
The BC Institute for Critical Infrastructure Technology, which advises the BC government on cybersecurity, has said that a number of companies have experienced data breaches and said that BC has a high rate of cyber incidents.
The organization’s director of research, Daniel LeBlanc, told The Wall Street Journal that cyber attacks are “probably the single most important threat facing our industry.”