11 September 2019 13:30
Photo : Freepik
The tour d’ai financial Group have been a victim of a computer breach, according to information provided by Radio-Canada. Three representatives of the sales network of the insurer have been victims of phishing. Unlike the incident that occurred at Desjardins group, the intrusions from outside the organization. All in all, 2 864 clients of the insurer have been affected.
Among the information potentially disclosed, we find the name, information on the products held for ai and for some clients, the date of birth or bank details also. In 129 cases, the social insurance number is also part of the batch.
“At the present time, nothing indicates that the data of our customers were used for malicious purposes or that they would have been sold to third parties,” said Peter Picard, a spokesman for ai financial Group in the Journal of the insurance.
Three separate incidents
The insurer also indicated that the events occurred on the 20 June, 8 July and 11 July. “This is three separate incidents in no way related to them. During each incident, a person external to the organization has managed to take control momentarily boxes of e-mail of a representative, and thus had the opportunity to have access to all his e-mails. Even if this action was not necessarily the personal information of our clients, it is possible that these individuals have obtained some information about some of our clients, mostly located in Québec, ” explains Mr. Picard.
He argues that the it services of the company responded “immediately” to the three opportunities to regain control of the boxes of e-mails and that an investigation has been made to understand what happened.
iA claims to have implemented additional security measures to reduce the risk of phishing. The insurer also said to have informed the regulatory authorities, including the Commission of access to information and theAuthority of the financial markets.
A subscription to Equifax for five years
The company offers the affected customers a subscription to the monitoring service of credit firm Equifax for a period of five years.
“We are anxious to preserve the confidential nature of the personal information we hold about our customers,” adds Pierre Picard. In this regard, several security measures and tools of training are already in place within our company. These measures allow us to protect our systems, to treat personal information with great care and ensure the safety of our properties. “
Phishing is an attempt of identity theft by which a hacker sends an e-mail that invites the recipient to click on a link and enter personal information such as a user name and a password.