- WealthSimple had a data violation via third -party software
- Under 1% of users lost personal information, not passwords or funds
- Affected users got alarms, protection and security tips
One of Canada’s most popular fintech platforms has confirmed the suffering of a cyber attack that caused it to lose sensitive data on a small part of its customers.
A message published on WealthSimple’s website said named hackers compromised a “specific software package written by a trusted third party.”
The attack was spotted fairly quickly, the company said, and was stopped before it could escalate, but attackers still managed to steal personal data belonging to “less than 1%” of its clients.
Free monitoring of identity theft
Since Wealth Simple has more than three million customers, it would set the number of persons affected to a maximum of 30,000, all of whom may have lost personal information such as contact information, government IDs delivered during the registration process, financial details and account numbers, IP addresses, social insurance numbers and dates of birth.
Passwords or funds were not accessed and “all accounts remain fully secure,” emphasized WealthSimple.
The investment giant said it has already notified all affected people via E -mail and offered two years of free credit and dark web surveillance as well as protection and insurance for identity theft. Law enforcement and relevant government agencies were also notified.
At the same time, the company encouraged users to protect itself, suggesting 2FA with an authenticator app, increased awareness of phishing and social engineering and using unique, strong passwords across accounts.
Founded in 2014, WealthSimple was currently having about $ 60 million in assets under management (AUM). It offers several financial products, including an automated investment platform, commission-free stock and ETF trading apps and a platform for trading in cryptocurrencies.
Via Bleeping computer
