Stolen Data From Desjardins Customers In Quebec Has Been Sold To International Dark Web Criminals

2.9 million Desjardins members were affected by the data breach.
Staff Writer
Stolen Data From Desjardins Customers In Quebec Has Been Sold To International Dark Web Criminals

A few weeks ago, we learned that 2.9 million members of the Desjardins Group had their personal data stolen in an unprecedented data breach. A former employee signed in to the system and shared customers' personal information to a third party

According to the Journal de Montreal, Sébastien Boulanger Dorval, the 37-year-old employee, now fired by the company, sold some of the data to international criminal groups via the dark web. 

The data breach affected 2.9 million Desjardins customers along with over 150,000 businesses. The leaked information includes social insurance numbers, email addresses, birth dates, and full names. According to CBC Newspasswords and security questions weren't compromised.

Members were notified by mail as soon as the fraud actually happened. Affected members will benefit from Equifax's credit monitoring insurance for free for five years. Apparently, the employee committed fraud because he needed the money. 

Citing a police source, the Journal de Montreal wrote that there could potentially be more than a dozen criminal groups or individuals who now possess the leaked information. The data is difficult to track but investigators from the Laval Police and Sûreté du Québec have been making incredible progress. 

These groups could potentially sell them to others or even keep them for themselves for whatever nefarious purposes. The primary concern here is identity theft as Desjardins was quick to point out that no account passwords or security questions were hacked.

READ ALSO: The U.S. Is Now Keeping Track Of The Personal Information Of Canadians Who Cross The Border

It's believed that the criminal groups are indeed "fragmenting" the information. A source for the Journal de Montreal said that they're worried for the safety of public officials in Quebec as many of them were customers of the Desjardins Group. 

Translation: If you're one of the affected members, we will communicate with you exclusively by mail. We will not contact you by telephone, email, or text message. Stay vigilant!

Currently, the ex-employee who leaked the data hasn't been charged with anything because investigations are still on-going.

It's estimated that the price of each data set could be $100 to $200 dollars apiece, but can go for much more when sold in bulk. 

If you're a Desjardins customer and are worried about your data, it's recommended that you contact the company as soon as possible. 

Teddy Elliot
Staff Writer
Recommended For You