Canadian investment regulator confirms hackers hit 750,000 investors

Source: The Record

The Canadian Investment Regulatory Organization (CIRO) confirmed Jan. 16 that approximately 750,000 investors were impacted by a cyber incident last year. The self-regulatory organization, which is independent of the Canadian government, oversees all investment and mutual fund dealers in the country, alongside trading activity on Canada’s debt and equity marketplaces. It said it could confirm the scale of a data breach following “a sophisticated phishing attack” that was detected in August. After what it described as “more than 9,000 hours” of forensic examination by a “leading third-party forensic IT investigator,” CIRO said it was reaching out to affected clients to confirm that the perpetrators may have compromised a wide range of personal information including dates of birth, phone numbers, annual income, social insurance numbers, government issued ID numbers, investment account numbers and account statements. Full Story