Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Massive Data Breach at Canada Credit Union Giant Desjardins

Canada’s Desjardins credit union announced Thursday that the personal banking information of 2.9 million customers had been stolen by an employee and distributed to outside parties.

Canada’s Desjardins credit union announced Thursday that the personal banking information of 2.9 million customers had been stolen by an employee and distributed to outside parties.

The nation’s largest credit union and fifth-largest in the world, with Can$304 billion (US$230 billion) in assets under its management, had noted unauthorized access to its members’ information last December, but it was only confirmed by police last Friday.

In a statement it said police confirmed to the credit union that the personal information of 2.9 million members “had been shared with individuals outside the organization. This includes 2.7 million individual members and 173,000 business members.”

This included names, date of birth, contact information and banking habits. Passwords and other security information were not compromised.

The employee responsible for the breach has since been fired, and Desjardins has put in place additional security measures, Desjardins Group senior vice president Denis Berthiaume told a press conference.

He said the credit union would offer free credit monitoring to affected members, while promising to refund any losses in the event of fraud related to the breach.

Police arrested the suspect but then released him while its investigation continues.

“This major incident affecting Desjardins Group today puts into perspective the omnipresent risk that now weighs on all organizations in terms of information security risks,” Quebec’s financial sector regulator said in a statement.

Advertisement. Scroll to continue reading.
Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.