The Canadian cooperative Desjardins Group has revealed that a data breach impacted all its 4.2 million members.
The incident was first discovered in June. So far, there is one suspect — a former employee — responsible for the breach, which exposed personal information, social insurance numbers, addresses and spending habits of the company’s customers. Since July, the company said that all caisse members who do their banking with Desjardins in Quebec and Ontario have been protected by its identity protection, which is provided free. In addition, Desjardins is extending Equifax credit monitoring service to all members.
“Since the privacy breach was first announced, we’ve made it clear that we intended to enhance the Desjardins identity protection service. During our appearance today at the Chamber of Commerce of Metropolitan Montreal, we had already been planning to announce that all caisse members who use AccèsD to do their banking with Desjardins in Ontario and Quebec are now eligible for a 5-year credit monitoring service from Equifax, paid for by Desjardins,” Guy Cormier, president and CEO of Desjardins Group, said in a press release.
As a result of the breach, the Canadian government has decided to pass new data protection reforms. Eric Girard, finance minister for the province of Quebec, said last week that it would now be taking steps to improve cybersecurity and protect personal information.
“We’re now at 4.2 million people, and it’s not acceptable. We’re very mindful of that. I have three colleagues who are involved in this file practically on a full-time basis,” he said, adding that he is working on a new law to supervise credit agencies, which he hopes will be introduced by the end of the year.