Canadian banks suffered from data breach: 90,000 clients’ data stolen

by Lucia Danes - -

Two Canadian banks got hacked: 90,000 customer’s information has been stolen

Canadian bank data breach

Bank of Montreal (BMO) and Canadian Imperial Bank of Commerce’s Simplii Financial (CIBC) reported about a possible data breach. About 90,000 customer’s data has been stolen, and hackers are asking each organization to pay $1 million.

Both of the targets rank in the top five largest banks in Canada, so the damage is huge. According to the latest information, hackers stole less than 50,000 BMO’s customer’s details and 40,000 CIBC’s client's data.[1]

The investigation of the data breach has been started. Banks also took all necessary measures to protect their clients. However, critics tell that organizations should have thought about customer’s protection earlier.

BMO Financial Group reported about Bank of Montreal data breach

Bank of Montreal reported that on Sunday, May 27, cyber criminals contacted the bank and told about possibly stolen customer’s personal and financial information:[2]

<…> fraudsters contacted BMO claiming that they were in possession of certain personal and financial information for a limited number of customers. <…> We took steps immediately when the incident occurred and we are confident that exposures identified related to customer data have been closed off. We have notified and are working with relevant authorities as we continue to assess the situation.

Representatives of the organization believe that this cyber attack was arranged from outside the country. However, detailed information about a data breach show up only after the investigation is over.

Simplii Financial was attacked on Sunday too

CIBC also reported about 40,0000 of Simplii’s customer’s data breach held on Sunday. In the official company’s statement, the Senior Vice-President of Simplii Financial Michael Martin told about taken precautions to protect their clients.

However, the bank also suggested customers take extra steps to protect themselves, such as set strong and complex passwords, and monitor their accounts.[3] In case of suspicious activities, clients should contact the bank immediately and get a refund:

Clients who notice suspicious activity are encouraged to contact Simplii Financial. If a client is a victim of fraud because of this issue, we will return 100% of the money lost from the affected bank account.[Source: Simplii Financial]

Currently, there’s no information that the main Canadian Imperial Bank of Commerce was hacked. Hence, only customers of Simplii Financial should be cautious.

Hackers contacted the banks and asked to pay the ransom

On Sunday both banks received an email from the hackers claiming about stolen customer’s information. The email included the information how they managed to commit a crime and asked each organization to pay $1 million.

It is said that attacker sussed common mathematical algorithm to confirm specific numeric sequences for a credit card or social insurance numbers. Then they used this information to reset customer’s passwords.[4]

Banks were also asked to pay the ransom in order to avoid stolen information leakage. Hackers were quite greedy and asked both Bank of Montreal and Canadian Imperial Bank of Commerce’s Simplii Financial to pay for one million dollars within one daytime. The payment should be made in Ripple cryptocurrency.[5]

It seems that none of the banks agreed to follow hackers’ blackmailing. Instead of that, they are working with cyber security specialists and trying to help victims of the data breach.

Prevent websites, ISP, and other parties from tracking you

Private Internet Access is a VPN that can prevent your Internet Service Provider, the government, and third-parties from tracking your online and allow you to stay completely anonymous. The software provides dedicated servers for torrenting and streaming, ensuring optimal performance and not slowing you down. You can also bypass geo-restrictions and view such services as Netflix, BBC, Disney+, and other popular streaming services without limitations, regardless of where you are.

A VPN is also crucial when it comes to user privacy. Online trackers such as cookies can not only be used by social media platforms and other websites but also your Internet Service Provider and the government. Even if you apply the most secure settings via your web browser, you can still be tracked via apps that you are connected to the internet. Besides, privacy-focused browsers like Tor is are not an optimal choice due to diminished connection speed.

Therefore, to stay completely anonymous and prevent the ISP and the government from spying on you, you should employ Private Internet Access VPN. It will allow you to connect to the internet while being completely anonymous, prevent trackers, ads, as well as malicious content. Most importantly, you will prevent the illegal surveillance activities that NSA and other governmental institutions are performing behind your back.


Recover your lost files quickly

Unforeseen circumstances can happen at any time while using the computer: it can turn off due to a power cut, a Blue Screen of Death (BSoD) can occur, or random Windows updates can decide to reboot the machine when you went away for a few minutes. As a result, your schoolwork, important documents, and other data might be lost.

Additionally, you might also be attacked by malware that can corrupt your Windows or encrypt files with a robust encryption algorithm, and ask for a ransom in Bitcoin for the decryption tool. Cybercriminals might not deliver what they promised, however, so it is better to attempt alternative file recovery methods that could help you to retrieve at least some portion of the lost data.

Data recovery software is one of the options that could help you recover your files. Once you delete a file, it does not vanish into thin air – it remains on your system as long as no new data is written on top of it. Data Recovery Pro is recovery software that searchers for working copies of deleted files within your hard drive. By using the tool, you can prevent loss of valuable documents, school work, personal pictures, and other crucial files.

About the author
Lucia Danes
Lucia Danes - Security researcher

Lucia Danes is the news editor at UGetFix. She is always on the move because the eager for knowledge makes her travel around the globe and attend InfoSec events and conferences.

Contact Lucia Danes
About the company Esolutions


Your opinion regarding Canadian banks suffered from data breach: 90,000 clients’ data stolen