Connect with us

Business

‘Desjardins’ Employee Leaked Banking Data Of 2.9 Million Members

The employee with “ill-intention” is now fired.

Published

on

A police investigation concluded that a malicious employee shared private and sensitive financial data of more than 2.9 million Desjardins members and clients.
Around 2.9 million members were affected by the data leak. Photo: Desjardins | Twitter

Banking information of more than 2.9 million members of Desjardins, Canada’s biggest lending cooperative, has been compromised and was shared to third parties without authorization, a press release from the organization published yesterday said.

Around 2.7 million personal members and 173,000 business members were affected by the data breach, according to the investigation conducted by the Laval police. The cause of the data compromise: “an ill-intentioned employee who acted illegally and betrayed the trust of their employer.”

Desjardins has already confirmed that the said employee has already been fired as of writing and additional security measures have been put in place to ensure all the organization’s members’ personal and financial data remains protected.

The organization clarifies that the company was not in any form targeted by a cyber attack and they have not seen a spike in fraud cases involving their members’ accounts in recent months. All of the data breach was attributed to the recently fired employee who shared financial information of members to individuals outside the organization maliciously. Furthermore, they said that AccèsD passwords (for both personal and business accounts), security questions and PINs were not part of the compromised data.

As soon as the organization became aware of the situation, they hired experts, began working closely with the police, and introduced additional measures to protect their members’ personal information, accounts, and assets.

“We understand that this is a worrying situation. We sincerely regret the inconvenience it has caused. Your assets and accounts at Desjardins are protected—you won’t suffer a financial loss if unauthorized transactions are made in your Desjardins accounts as a result of this situation,” wrote the company to console the affected victims.

Furthermore, the company said that they have already contacted authorities including Office of the Privacy Commissioner of Canada, the Commission d’accès à l’information du Québec and the Autorité des marchés financiers to report the incident.

As part of their mitigation efforts, Desjardin’s are currently monitoring the activity in all their members’ accounts, and they are taking additional steps to confirm our members’ and clients’ identities when they call their Desjardins caisse or our AccèsD call center.

“Additional monitoring and protection measures were put in place on all member accounts. You will also notice that the procedures for confirming your identity in person and over the phone have been strengthened. Other measures have also been put in place, but these must remain confidential to ensure their effectiveness,” the press release reads.

Desjardins is the leading financial cooperative in Canada, with more than seven million active clients and members. Rated one of Canada’s top 100 employers by Mediacorp Canada, the organization is home to more than four thousand employees and more than three thousand board members. Desjardins is the financial institution with the largest regional presence in Quebec and the only financial institution established in 240 towns and villages.

Meanwhile, the company has already notified their affected members through a letter sent by the company regarding the data breach. As part of their efforts to help affected accounts secure their financial data and to mitigate the possible effects of the data breach, Desjardins also offered those who are concerned with a 5-year credit monitoring plan, paid for by the organization. The service includes daily access to your credit report, alerts of critical changes, and identity theft insurance.

They advised the affected members that the letter they received includes a personal activation code which they can use to activate their credit monitoring plan with Equifax before October 31, 2019.

They also advised those who administer a business or estate account, or have power of attorney for an account, they will receive a letter for each impacted account. As a result, they may receive more than one letter. Desjardins decided to proceed in this manner to make sure affected accounts were notified as quickly as possible. Consolidating their mailing lists would have taken extra time and is counterintuitive in resolving the data breach as fast as they can.

Furthermore, Desjardins is also encouraging their members who have not received a notification mail from them – meaning they are not part of those who are affected – to be vigilant.

“Be suspicious of any emails and text messages you receive that ask you to provide personal information. Desjardins will never send you unsolicited emails or text messages asking for personal information,” they said.

“Make sure all your recent account activity is legitimate.”

A consumer tech and cybersecurity journalist who does content marketing while daydreaming about having unlimited coffee for life and getting a pet llama.

Business

2.2 Million More Patient-Victims Of AMCA Data Breach Came Forward

Clinical Pathology Laboratories blamed AMCA for not providing them enough information back in June.

Published

on

Photo: Thirteen Of Clubs Follow | Flickr | CC BY-SA 2.0

A month after the medical collection portal owned by the American Medical Collection Agency (AMCA) fell victim to a data breach that has affected more than 20 million of their users from different blood testing laboratories and medical institutions around the country, a new AMCA partner lab came forward and said that their clients were also affected by the data breach.

According to Clinical Pathology Laboratories (CPL), 2.2 million clients may have had their names, addresses, phone numbers, dates of birth, dates of service, balance information, and treatment provider information stolen from the previously reported data breach involving AMCA.

Last month, data were stolen from users of the AMCA payment portal that was used to pay for laboratory fees by more than 20 million victims. These data include their names, phone numbers, dates of birth, home addresses, social security numbers, credit card numbers, and other bank details.

The list of impacted testing laboratories includes Quest Diagnostics (11.9 million patients), LabCorp (7.7 million patients), BioReference Laboratories (Opko Health subsidiary, 422,600 patients), Carecentrix (500,000 patients), and Sunrise Laboratories (undisclosed number of patients).

This time, Clinical Pathology Laboratories (CPL) says that an additional 2.2 million victims of the data breach come from their client list, and another 34,500 patients had their credit card or banking information compromised.

The company blamed the late announcement from CPL to AMCA for not providing them with enough information regarding the breach when it was first disclosed in June.

“At the time of AMCA’s initial notification, AMCA did not provide CPL with enough information for CPL to identify potentially affected patients or confirm the nature of patient information potentially involved in the incident, and CPL’s investigation is on-going,” said the company in a statement.

As of today, it is still unclear whether AMCA nor its partner companies have reached out to their clients to personally notify them about the data breach. Back in June, AMCA first disclosed that only 200,000 clients had their data compromised. However, reports from its partners have confirmed that the victim tally reaches 20 million.

AMCA and partners were slapped with lawsuits

AMCA, Quest, and LabCorp in June were slapped with at least 19 lawsuits concerning the data leak. More than 19 class-suite actions have been filed against the three companies for their involvement in the breach and their inability to fulfill the promise of protecting their clients’ sensitive information.

According to one of the lawyers in one of the lawsuits hurdled against the involved companies, healthcare providers are one of the most susceptible entities, but they have lackluster data protection systems.

“Healthcare companies are especially susceptible to data breaches not only because they aggregate a tremendous amount of important and sensitive data, but also because they tend to be less focused on cybersecurity protection than other industries,” said John Yanchunis of Morgan and Morgan, one of the firms who filed lawsuits against Quest Diagnostics.

Yanchunis said that these companies “know [that] they are at an increased risk and yet have not taken the proper steps to protect their patients’ data.”

AMCA filed for bankruptcy

Amid the data breach that centers the American Medical Collection Agency, the company has filed for bankruptcy and laid off more than 70% of its workforce, as cost in mitigating the impacts of the leak has to lead the company to lose a massive amount of money.

According to the company, the data breach “resulted in enormous expenses that were beyond the ability of the Debtor to bear.”

“Almost immediately upon learning of the breach, LabCorp unqualifiedly and indefinitely terminated its relationship with the Debtor,” the filing reads.

“Soon after, Quest Diagnostics, Conduent, Inc., and CareCentrix, Inc. which together with LabCorp were the Debtor’s four largest clients, stopped sending new work to the Debtor, and all terminated or substantially curtailed their business relationships with the Debtor.”

Cybersecurity experts have estimated that the company most likely to spend at least $400,000 for cyber forensics alone. Add to that the cost of IT support, severe restrictions that were put in place to protect AMCA’s network from further intrusion, looming court cases, and the loss of valuable business partners; it is most likely that the company was driven to the abyss of bankruptcy by the data breach.

Of course, to cut cost, AMCA has also laid off employees and only retained those who are significant in the legal battles it faces, including the lawsuits and its request for bankruptcy. AMCA’s current employee count is down from 113 to 25, which practically cut of 78% of its human resources. Fuchs has asked the court to consider a motion which will ensure the firm’s remaining staff will be paid during the process.

Continue Reading

Business

Treasury Chief Says Crypto Is A “National Security Risk”

Published

on

Secretary of the Treasury Steven Mnuchin | 7/25/17 (Official White House Photo by Ricky Harris)

A new jab was thrown against Bitcoin and cryptocurrencies from the US government after statements from the U.S. Treasury Secretary branded the industry as a “national security threat.”

Facebook’s announcement of Libra has brought crypto and blockchain technology in the center stage, as governments around the world have heightened their scrutiny on the alternative financial system that the industry is offering.

Government executives and high ranking officials have raised concerns on the volatility of the technology, and how it is being used by malicious actors to facilitate illegal transactions such as money laundering and illegal drugs.

Now, US Treasury Secretary Steven Mnuchin chimed in the conversation and echoed earlier apprehensions versus Bitcoin and cryptocurrencies. The Secretary warns that Bitcoin, as well as, Facebook’s plans for Libra, pose a “national security issue” for the United States.

“This is indeed a national security issue,” Mnuchin told reporters at a press conference yesterday. “Cryptocurrencies such as bitcoin have been exploited to support billions of dollars of illicit activity like cyber crime, tax evasion, extortion, ransomware, illicit drugs, and human trafficking,” adding that Facebook’s Libra “could be misused by money launderers and terrorist financiers.”

Mnuchin echoed other politicians stance on Facebook’s Libra venture and said that he was “not comfortable” by the idea of it.

Trump vs. Crypto

In a series of tweets on last week, the POTUS said that he is not a “fan” of cryptocurrencies, asserted that America has only one currency, criticized bitcoin, as well as told Facebook that they need a banking charter if they want to launch their newly announced crypto-based money called Libra.

Trump said cryptocurrencies are not money, and “Unregulated Crypto Assets can facilitate unlawful behavior, including drug trade and other illegal activity.”

“If Facebook and other companies want to become a bank, they must seek a new Banking Charter and become subject to all Banking Regulations,” said the president.

Related: Trump Vs. Crypto: Dollar Is The Only Currency Of The USA

According to the President, the dollar is the only currency in America, and Libra, among other cryptocurrencies, are not “real money.”

“We have only one real currency in the USA, and it is stronger than ever, both dependable and reliable. It is by far the most dominant currency anywhere in the World, and it will always stay that way. It is called the United States Dollar!” Trump said in a tweet.

Trump’s anti-crypto stand was agreed upon by Mnuchin saying that “the president does have concerns as it relates to bitcoin and cryptocurrencies—those are legitimate concerns that we have been working on for a long period of time.”

Democrats vs. Crypto

Joining Trump’s army against cryptocurrencies and Facebook’s Libra plans are Democrats from the Senate who recently circulated a draft proposal that bans big tech companies from issuing digital money.

The bill, which was bluntly named as “Keep Big Tech Out Of Finance Act,” circulates among Democrats majority that leads the U.S. House Financial Services Committee, proves that the US government is not joking about its position against Libra and other similar ventures in the future.

Read More: Democrats Move To Ban Big Techs From Issuing Digital Money

According to the proposed bill, no tech company should be allowed to issue any form of financial services. “A large platform utility may not establish, maintain, or operate a digital asset that is intended to be widely used as a medium of exchange, unit of account, store of value, or any other similar function, as defined by the Board of Governors of the Federal Reserve System,” reads a copy of the bill obtained by Z6Mag.

Furthermore, while the bill does not specify any company, it clearly refers to Facebook, and it’s planned blockchain-based currency, Libra. The “large platform utility” is defined as a technology company with “[an] annual global revenue of $25,000,000,000 or more” and one that is “predominately engaged in the business of offering to the public an online marketplace, an exchange, or a platform for connecting third parties.” This definition seems to be crafted to include Facebook rather than exclude other companies.

It is also worth noting that the proposed legislation also prohibits “large platform utilities” from affiliation with “persons who are a financial institution.” This further includes Facebook’s proactive workaround against possible future laws that may prohibit them from owning Libra.

Nonetheless, the bill is still in its earliest phase yet, and many could happen to move forward. For it to become a law, it still has to withstand the possible opposition by Republicans in both the House and the Senate.

Continue Reading

Business

Senator To Facebook’s Libra: ‘Can People Trust You?’

Published

on

Photo: BTC Keychain | Flickr | CC BY 2.0

When it comes to Facebook’s Libra, the US government has made one thing clear: they don’t trust the tech giant and its plan to release an alternative financial system based on the highly debated blockchain technology.

In a Senate hearing today, a Facebook executive was grilled by lawmakers in the Senate Banking Committee over the plan to issue its digital currency and its possible effect on the global banking and financial ecosystem.

Facebook announced a month ago that it would roll out a new form of digital money, called Libra, which the tech superpower claims to be a stable coin. Unlike its predecessor, Bitcoin, the Silicon Valley giant claims that Libra is a cryptocurrency backed by real-world money and government certificates, and is also supported by a group of corporations such as Mastercard, Paypal, and VISA.

Libra is set to be available for circulation early next year, but a few weeks following Facebook’s announcement, staunch government opposition has proved difficult for Libra to push through with its most ambitious plan.

“Facebook has said ‘just trust us’” Senator Sherrod Brown, Democrat of Ohio, said at the hearing. “And every time Americans trust you, they seem to get burned.”

Many governments around the world have echoed concerns on how Facebook will handle such an ambitious feat. Many claims that because of the company’s reputation in data security, it is hard to trust Facebook in handling people’s money.

“Trust is primordial”

“Do you really think people should trust Facebook with their hard-earned money?” Senator Brown asked Facebook’s exec, David Marcus.

As a response, Marcus said that the company would do its best to protect people’s money, as well as, prevent fraud and other illegal activities that malicious actors may carry out using Facebook’s Libra.

One of the significant critiques against Facebook’s digital money comes from the fact that cryptocurrencies are not well regulated and criminal element can leverage the technology and use Libra for money laundering and other forms of illegal payments.

“We’ve made mistakes in the past,” Mr. Marcus said. “We have been working, and are working hard to get better.”

“Trust is primordial,” he added.

Keep Big Tech Out Of Finance Act

The Senate hearing comes a day after a copy of a draft proposal in the Senate penned by Democrat senators surfaced that practically bans major tech companies from issuing digital currencies.

Read: [Breaking] Democrats Move To Ban Big Techs From Issuing Digital Money

A new draft proposal for the bill, bluntly named as “Keep Big Tech Out Of Finance Act,” that circulates among Democrats majority that leads the U.S. House Financial Services Committee, proves that the US government is serious about its position against Libra and other similar ventures in the future.

According to the proposed bill, no tech company should be allowed to issue any form of financial services. “A large platform utility may not establish, maintain, or operate a digital asset that is intended to be widely used as a medium of exchange, unit of account, store of value, or any other similar function, as defined by the Board of Governors of the Federal Reserve System,” reads a copy of the bill obtained by Z6Mag.

Global fiscal and legislative resistance vs. Libra

Furthermore, while the bill does not specify any company, it clearly refers to Facebook, and it’s planned blockchain-based currency, Libra. The “large platform utility” is defined as a technology company with “[an] annual global revenue of $25,000,000,000 or more” and one that is “predominately engaged in the business of offering to the public an online marketplace, an exchange, or a platform for connecting third parties.” This definition seems to be crafted to include Facebook rather than exclude other companies.

It is also worth noting that the proposed legislation also prohibits “large platform utilities” from affiliation with “persons who are a financial institution.” This further includes Facebook’s proactive workaround against possible future laws that may prohibit them from owning Libra.

European officials have also expressed concern regarding Libra, citing that the system, if widely adopted, could shake the global economy and rival national banks. French Finance Minister Bruno Le Maire sent a letter to officials from the G7 and International Monetary Fund calling for a group to examine Libra’s impact on the global financial system. Le Maire said that Libra must not become a “sovereign currency,” while a German politician noted Facebook’s potential to become a “shadow bank” to the global financial system.

Aside from European officials, Japanese lawmakers are also investigating the possible impact of Facebook’s Libra in global banking and financial systems ahead of the G-7 Meeting of the country’s finance ministry to be held in France this week.

Continue Reading

Trending