This June, an employee of Desjardins was caught sharing the personal information of over 2.7 million Canadian’s and 173,000 businesses. The employee is no longer with the company and the Quebec-based credit union must now face the damages of the leaked information, which includes client names, addresses, birth dates, social insurance numbers, email addresses, and transaction habits.
The Commons committee met today at 1 p.m. at the request of the Conservatives on Parliament Hill to discuss their next actions. Public hearings with witnesses will continue throughout the day, and will cover future plans to prevent more breaches like this, or if issuing new SINs to affected Canadians is a viable option. Many groups are involved in the hearings, including representatives from the Canada Revenue Agency (CRA).
The Privacy Commissioner of Canada and the Privacy Commissioner of Quebec are investigating Desjardins to ensure the company complied with the relevant privacy protection laws. In the meantime, Desjardins is offering the affected clients free identity theft insurance as well as financial and legal assistance for stolen identities. Guy Cormier, president of Desjardins Group, also announced today that Desjardins will offer permanent data protection to all members.
The company is facing a lot of scrutiny after this breach, and an open police investigation is ongoing.