A recent data breach at Desjardins Group has affected 4.2 million members, said the Canadian co-op.
In June Desjardins announced that an unauthorised use of internal data by an employee had led to the breach of personal information of 2.7 million members and 137,000 business clients. But in a press release published on 1 November the co-op updated the number of members affected to 4.2 million, adding that “there is no information at this time about whether or not more business members have been affected.”
The data breach includes the social insurance number, address and details of banking habits of these members.
Desjardins says that from July onward, all members who do their banking with Desjardins in Quebec and Ontario have been protected by Desjardins identity protection. The coverage will reimburse them up to CA $50,000 (£30,930) for expenses related to identity theft. This could cover salary loss, document notarisation, legal or accounting fees, and other types of related expenses.
The co-op has also offered members who were victims of identity theft access to lawyers and experts and reimburse them for certain expenses incurred as a result. All Desjardins members can also make use of a credit monitoring service now, which alerts them if there are any changes to their personal information or new credit inquiries.
The largest association of credit unions (also known as caisses) in North America, Desjardins has seven million members.
Guy Cormier, president and CEO of Desjardins Group, said: “Since the privacy breach was first announced, we’ve made it clear that we intended to enhance the Desjardins identity protection service. During our appearance today at the Chamber of Commerce of Metropolitan Montreal, we had already been planning to announce that all caisse members who use AccèsD to do their banking with Desjardins in Ontario and Quebec are now eligible for a five-year credit monitoring service from Equifax, paid for by Desjardins.”