- Wealthsimple had a data violation via third -party software
- Under 1% of users have lost personal information, not passwords or funds
- Users concerned have alerts, protection and security advice
One of the most popular fintech platforms in Canada has confirmed the suffering of a cyber attack that made it lose sensitive data on a small part of its customers.
An announcement published on the Wealthsimple website said that the nameless hackers have compromised a “specific software that was written by a trusted third party”.
The attack was spotted fairly quickly, said the company, and was arrested before they could degenerate, but the attackers still managed to steal personal data from “less than 1%” of its customers.
Free identity flight monitoring
Given that Wealthsimple has more than three million customers, this would put the number of people affected by no more than 30,000, who may have all lost personal information such as contact details, government identifiers provided during the registration process, financial details and account numbers, IP addresses, social insurance numbers and birth dates.
Passwords or funds have not been accessible and “all accounts remain completely secure,” said Wealthsimple.
The investment giant said that he had already informed all the people affected by e-mail and offered two years of free credit and dark web surveillance, as well as protection and identity theft insurance. The police and relevant government organizations have also been informed.
At the same time, the company urged users to protect themselves, suggesting 2FA with an authentication application, increased awareness of phishing and social engineering, and using unique and strong passwords through the accounts.
WealthSimple was founded in 2014 and currently has around 60 million dollars in management assets (AUM). It offers many financial products, including an automated investment platform, action trading and ETF applications without commission, and a platform to exchange cryptocurrencies.
Via Bleeping Compompute
