Canadian wealth management platform Wealthsimple has announced that a security breach has compromised the personal information of some customers.
Contact details, government IDs, financial data such as account numbers, IP addresses, Social Insurance Numbers, and dates of birth were exposed in the incident, affecting less than one percent of the firm’s three million customers. Wealthsimple confirmed that no money was stolen and that passwords remain secure.
The company detected the breach on August 30 and enlisted external experts to investigate, revealing that a specific software package provided by a trusted third party had been compromised.
Affected customers have been notified and offered two years of free credit monitoring and protection. In a message to clients, Wealthsimple stated, “We take the trust you put in us very seriously. And intrinsic to that trust is being transparent. That’s why we notified our clients as soon as possible, shared as much information as we could, and let them know we’re dedicated to doing everything we can to support them.
“Most importantly, we apologise to those clients whose data was accessed – and to all our clients, because threats to personal data can cause a lot of anxiety.”