The shipping data of more than 40 large commercial Canada Post customers has been compromised following a cyberattack on one of the postal agency’s suppliers.

Canada Post said Wednesday that data exchange solutions provider Commport Communications notified it last week of a data breach caused by a malware attack.

The attack compromised the shipping manifest data associated with 44 business clients, containing the information of more than 950,000 mail recipients.

Shipping manifests typically include the sender and receiver contact information you’d find on shipping labels, such as names and addresses. The compromised information dates back to between July 2016 and March 2019.

Canada Post said an investigation into the attack provided no evidence any financial information was breached.

The Crown corporation said it’s working closely with Commport and external cybersecurity experts to decide what further actions to take.

Commport had previously notified Canada Post of a ramsonware issue last November. A probe into the matter found no evidence customer data had been compromised at the time.