Desjardins Group data breach affected all 4.2 million members
A June data breach at Canadian cooperative the Desjardins Group affected all 4.2 million members of the cooperative financial group and has compelled the government to pass new data protection reforms.
Eric Girard, finance minister for the province of Quebec, said at a briefing last week that it would be taking steps to improve cybersecurity and protect personal information in the aftermath of the breach.
Girard confirmed that the June data breach had affected every member of Desjardins Group, which is the largest association of credit unions in North America.
According to the Montreal Gazette, Girard said: “We’re now at 4.2 million people, and it’s not acceptable. We’re very mindful of that. I have three colleagues who are involved in this file practically on a full-time basis.”
The finance minister added that he is working on a new law to supervise credit agencies, which he hopes to have introduced by the end of 2019.
The breach stemmed from the unauthorised access by an employee to internal data. It led to the personal information, social insurance numbers, addresses, and spending habits of 4.2 million people being exposed.
When the breach was first reported it was thought to have only affected 2.9 million people. The cooperative spent CAD 70 million in Q2 2019 through the implementation of new credit monitoring plans and identity theft insurance to affected members.