Security & Fraud

Canadian Lender Hit With Data Breach Impacting 2.9M

Canadian lender Desjardins Group revealed that it has been the victim of a data breach that could impact more than 2.9 million members.

The firm was contacted by law enforcement on June 14 with information confirming that the personal information of more than 2.9 million members had been shared with individuals outside the organization. The leaked information includes 2.7 million individual members and 173,000 business members.

Desjardins, the largest association of credit unions in North America, explained that the breach is the result of unauthorized and illegal use of the company’s data by an employee who has since been fired. As a result, additional security measures were put in place on all accounts, and Desjardins will be sending a letter to all affected by the incident. And as a precaution, Desjardins will also offer affected members a free credit monitoring plan and identity theft insurance for 12 months.

The compromised data includes first and last name, date of birth, social insurance number, address, phone number, email address and details about customer banking habits and Desjardins products. Passwords, security questions, and PINs were not compromised. Desjardins pointed out that the incident was not a cyberattack, and its computer systems were in no way breached during this incident.

The bank’s investigations also showed that information about business members was among the affected data, including identifying information such as business names, addresses, telephone numbers, and the names of owners and AccèsD Affaires account users.

“I’d like to reassure our members and clients: their accounts and assets with Desjardins are protected in the event of fraud. If they suffer a financial loss as a result of this situation, they will get their money back. We regret this situation and are making every effort to ensure that it doesn’t happen again,” Guy Cormier, president and CEO of Desjardins Group, said in the release.



Digital transformation has been forcefully accelerated, but how does that agility translate into the fight against COVID-era attacks and sophisticated identity threats? As millions embrace online everything, preserving digital trust now falls mostly on banks and FIs. Now, advances in identity data and using different weights on the payment mix afford new opportunities to arm organizations and their customers against cyberthreats. From the latest in machine learning for fraud and risk, to corporate treasury teams working in new ways with new datasets, learn from experts how digital identity, together with advances like real-time payments, combine to engender trust and enrich relationships.