Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label phishing attack Canada. Show all posts
phishing attack Canada
Canada investment regulator CIRO Cybersecurity Incident Data Breach investor data breach phishing attack Canada

CIRO Discloses Phishing Breach Impacting Personal Data of 750,000 Individuals

 

The Canadian Investment Regulatory Organization (CIRO) serves as the country’s national self-regulatory authority for investment dealers and marketplaces, with responsibilities that include investor protection, regulatory enforcement, and ensuring the integrity and efficiency of Canada’s capital markets.

CIRO has disclosed that a phishing attack in August 2025 led to the unauthorized access and theft of personal information belonging to approximately 750,000 individuals. While the incident required certain systems to be taken offline as a precaution, the organization confirmed that its core operations remained unaffected.

According to CIRO, the security incident was swiftly contained, and investigations found no evidence of an ongoing threat. The compromised data primarily related to member firms and registered employees, along with some investor and investigative records.

The organization detected the cyber intrusion in August 2025 and acted promptly to limit its impact. CIRO informed law enforcement and relevant regulatory authorities and engaged external cybersecurity specialists to conduct a detailed forensic investigation. Findings revealed that only a restricted portion of investigative, compliance, and investor-related data had been copied.

“In August 2025, CIRO identified a cybersecurity incident. We took immediate steps to contain the incident, secure our systems and protect the information in our care. We notified law enforcement and all relevant authorities including privacy commissions across Canada.” reads the FAQ page published by CIRO. “Once contained, we retained a leading third-party forensic IT investigator to determine what information was impacted. After more than 9,000 hours of review, that investigation determined that a limited subset of investigative, compliance and market surveillance data, including some of investor information, was copied from our system.”

CIRO explained that the exposed information included sensitive personal and financial details such as income data, identification documents, contact information, account numbers, and financial statements gathered during regulatory and investigative processes. The organization emphasized that no passwords or PINs were compromised and stated that it has not identified any misuse of the data or signs of it appearing on the dark web.

“CIRO received this information in the normal course of carrying out its regulatory mandate to protect investors from improper investment conduct and practices, and through its investigative, compliance assessment and market regulation work,” the organization says. “CIRO will delete investor information when no longer required for its investigative, compliance assessment and market surveillance work, however we are unable to process individual deletion requests.”

As a precautionary measure, CIRO continues to monitor for any suspicious activity and has offered affected individuals two years of complimentary credit monitoring and identity theft protection services.
Read more »
Subscribe to: Comments (Atom)