The Canadian Press reports that Mouvement Desjardins has reached a $200-million settlement with plaintiffs in a class action suit launched after a massive data breach in June 2019. The settlement has to be approved by the Superior Court of Quebec. Read more at Montreal Gazette. A press release issued by plaintiffs’ counsel states, in part:…
Category: Financial Sector
Za: Standard Bank on delay in telling public about data breach: ‘We complied with the law’
Londiwe Buthelezi reports: Standard Bank says it took several days to disclose the latest data breach on its LookSee platform because its immediate focus was to get to the bottom of the issue first and understand how serious it was. The banking group informed the public on 9 December that homeowners’ data was compromised by…
Canadian federal privacy commissioner says BMO security breach in 2017 affected 113,000 client accounts
James Bradshaw reports: A 2017 data breach that exposed personal information belonging to more than 113,000 Bank of Montreal customers exploited “significant weaknesses” in the bank’s safeguards that have since been strengthened, according to a report from the Privacy Commissioner of Canada. BMO previously disclosed the breach in May, 2018, after receiving a ransom demand…
10 countries simulate cyber attack on global financial system
Steven Scheer of Reuters reports: Israel on Thursday led a 10-country simulation of a major cyber attack on the global financial system in an attempt to increase cooperation that could help to minimise any potential damage to financial markets and banks. The simulated cyber attack evolved over 10 days, with sensitive data emerging on the…
PNB denies cybersecurity firm’s claim that 180 million customers’ data was breached, but CyberX9 calls their denial “false and misleading”
Regina Mihindukulasuriya reports: The Punjab National Bank (PNB) has denied media reports that over 180 million customers’ data has been breached or exposed, adding that the bank is certified with ISO 27001 standards for information security practices. PNB responded to media reports published Sunday, based on the findings by Chandigarh-based cybersecurity firm CyberX9, with a statement the…
Polish DPA: Bank Millennium fined 80,000 EUR for failure to notify the breach and the data subjects about the incident
22 November 2021 Background information Date of final decision: 14 October 2021 Cross-border case or national case: National case Controller: Bank Millennium S.A. Legal Reference: Notification of a personal data breach to the supervisory authority (Article 33(1)), Communication of a personal data breach to the data subject (Article 34(1)) Decision: Infringement of the GDPR, fine…