Customers of Desjardins are being urged to be vigilant after the financial institution said there has been a data breach.
Around 2.9 million customers’ personal information has been disclosed to individuals outside Desjardins without authorization with the source of the breach traced to a “an ill-intentioned employee who acted illegally and betrayed the trust of their employer. That person was fired,” according to a statement on the firm’s website.
Desjardins stresses that this was not a cyberattack and that its computer systems have not been compromised. It also says it has not seen a spike in fraud cases in recent months.
Measures have been put in place to protect members’ personal and financial data including additional monitoring and enhanced procedures to check identity when members call.
Desjardins has sent letters to all those affected recommending additional safeguarding of accounts, but it says that even those members that have not been written to should remain vigilant of any unusual activity.
Although this breach was not a cyber incident, cybersecurity firm Carbon Black warned earlier this year that data security breaches involving Canadian organizations were increasing with 8 in 10 survey respondents having suffered a breach in the past year.