If you bank with BMO or CIBC’s Simplii Financial, your account may have been compromised.
On Monday, both banks started to alert clients that “fraudsters” may have accessed sensitive account information. Simplii reported that up to 40,000 of their customers may have been affected while BMO declined to release an estimate.
Simplii was the first to come public with news of a data breach. The bank said it received a tip over the weekend that hackers had obtained account information from a limited amount of clients.
“We’re taking this claim seriously and have taken action to further enhance our monitoring and security procedures,” said Michael Martin, the bank’s senior vice-president, in a statement.
According to 680 News, a Simplii customer has already reported $2,889 being mysteriously withdrawn from her account. She also told 680 News that her personal information was changed and that she reported this incident to the RCMP.
Simplii says the investigation is continuing, and it will notify affected clients through all available channels. In addition, the bank ensured that any money lost due to this breach would be 100 per cent returned.
Formerly known as PC Financial, Simplii Financial is owned by Canadian Imperial Bank of Commerce (CIBC). Late last year, CIBC and President’s Choice Financial announced that they would be ending their banking services partnership, with CIBC absorbing all of the daily-banking accounts, and moving them over to its own new online banking venture, Simplii Financial Bank. At this time, there’s no indication that any CIBC customers were affected.
That being said, it should be noted that PC Financial® MasterCard® accounts are solely owned by PC Bank and are not under the Simplii Financial umbrella, so customers are not affected by this breach.
Shortly after the Simplii announcement, BMO also came forward to let the public know that it was contacted this past Sunday by alleged “fraudsters” who claimed that they had obtained account information.
After their own preliminary investigation, BMO took immediate action to ensure that no other accounts would be compromised. The bank believes the attack originated outside of Canada and says it is working with authorities to identify the source and assess any potential damages.
Steps to ensure your cyber security
Even if you were not affected by this data breach, you may want to take a few extra steps to protect yourself.
- Change your online banking passwords and PIN on, at least, an annual basis.
- Always make your password hard to guess. It should include upper and lower case characters as well symbols and numbers is possible.
- Actually look at your bank and credit card statements when they come in and report any non-authorized transactions, unfamiliar purchases or suspicious activity immediately.
- Checking your credit score? Take a look at your detailed credit report at least once a year and report any suspicious activity immediately (loans or credit cards you never applied for, etc.).
- When banking, make sure the site is secure by looking for the lock icon in your browser bar.
- Don’t use public Wi-Fi or public devices when doing private banking online.
Just because you aren’t missing any money from your account doesn’t mean you don’t need to take the above steps to protect yourself. For many thieves, the most valuable thing they can obtain from you is your personal information. With this information, they could commit identity fraud which can do much more harm in the long run than losing your actual money.
However, if you are a Simplii Financial or BMO client and have questions about your account or think you were affected by the breach, it’s best to give your bank a call and speak to a financial advisor.