Canadian lender Desjardins Group has confirmed that the personal data of over 2.9 million of its members has been compromised.
The breach is said to be the result of an employee’s illegal use of internal data.
Go deeper with GlobalData
The employee, whose name was not disclosed, has been dismissed.
The breach leaked personal details such as last name, date of birth, social insurance number, address, phone number, email address as well as banking habits.
However, Desjardins assured that the incident did not affect its computer systems.
Passwords, security questions, and PINs were said to be unaffected by the incident, which affected 2.7 million individual members and 173,000 business members.
US Tariffs are shifting - will you react or anticipate?
Don’t let policy changes catch you off guard. Stay proactive with real-time data and expert analysis.
By GlobalDataDesjardins Group president and CEO Guy Cormier said: “I’d like to reassure our members and clients: their accounts and assets with Desjardins are protected in the event of fraud.
“If they suffer a financial loss as a result of this situation, they will get their money back.
“We regret this situation and are making every effort to ensure that it doesn’t happen again.”
The lender said that it has deployed additional security measures to protect customers. One of these measures is to enhance procedures for authenticating customers.
Affected members will secure a credit monitoring plan and identity theft insurance for 12 months. This will be paid for by the lender.
