Wealthsimple, the Canadian investment platform, has announced a data breach that affected less than 1% of its customers. The company discovered the security incident on August 30, which was caused by a supply chain attack through a compromised third-party software package.
According to Wealthsimple, a software package from an unnamed third-party provider was compromised, allowing an unauthorized party to access some customer data for a short period. The company acted quickly to contain the breach within hours.
The personal information that was accessed includes:
- Contact details and government IDs
- Financial information such as account numbers and Social Insurance Numbers
- Date of birth and IP addresses
Wealthsimple stated that no funds were stolen and all customer accounts remain secure, as passwords were not compromised.
The company has notified all affected clients via email and is offering two years of free credit and dark web monitoring, identity theft protection, and insurance. A dedicated support team is also available to assist affected customers.
Wealthsimple, which has over 3 million clients and manages more than C$84 billion in assets, also confirmed that regulators have been informed of the breach and that new security measures have been put in place to prevent similar incidents. Customers who have not been notified were not impacted by the breach.
Found this article interesting? Follow us on X(Twitter) ,Threads and FaceBook to read more exclusive content we post.
