DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Canadian federal privacy commissioner says BMO security breach in 2017 affected 113,000 client accounts

Posted on December 13, 2021 by Dissent

James Bradshaw reports:

A 2017 data breach that exposed personal information belonging to more than 113,000 Bank of Montreal customers exploited “significant weaknesses” in the bank’s safeguards that have since been strengthened, according to a report from the Privacy Commissioner of Canada.

BMO previously disclosed the breach in May, 2018, after receiving a ransom demand from hackers, who threatened to release private customer information if their demands weren’t met. The bank refused to pay. At the time, BMO said the attack likely compromised information belonging to fewer than 50,000 clients. In fact, the report says, two separate attacks managed to steal personal information belonging to 113,154 customers over a six-month span in 2017.

Read more at The Globe and Mail.


Related:

  • PowerSchool commits to strengthened breach measures following engagement with the Privacy Commissioner of Canada
  • Hungarian police arrest suspect in cyberattacks on independent media
  • British institutions to be banned from paying ransoms to Russian hackers
  • Data breach feared after cyberattack on AMEOS hospitals in Germany
  • Global hack on Microsoft product hits U.S., state agencies, researchers say
  • Inquiry launched after identities of SAS soldiers leaked in fresh data breach
Category: Commentaries and AnalysesFinancial SectorHackNon-U.S.

Post navigation

← Arrest in Romania of a ransomware affiliate scavenging for sensitive data
Świętokrzyskie: Personal data leaked from the commune office in Nowiny →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Canadian cybercriminal sentenced to a year in prison for NFT theft scheme
  • Oops! Catasauqua employees’ Social Security numbers, other data accidentally sent to government watchdog group
  • EU-wide Breach Notification Template on the Horizon
  • Sex toy maker Lovense caught leaking users’ email addresses and exposing accounts to takeovers
  • Hackers wipe out Rs 384 crore from Bengaluru cryptocurrency firm Neblio Technologies; firm says inside job
  • Intelligence cyberattack on Crimea. Documents confirming abduction of children from Ukraine found
  • Seminole County Schools recovers money taken by hackers
  • Minnesota National Guard deployed; St. Paul declares state of emergency in response to cyberattack
  • Scattered Spider Hijacks VMware ESXi to Deploy Ransomware on Critical U.S. Infrastructure
  • Hacker group “Silent Crow” claims responsibility for cyberattack on Russia’s Aeroflot

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Attorney General James Takes Action to Protect Sensitive Personal Information of Tens of Millions of People
  • Searches of Your Private Data in the Cloud Amount to Illicit State Action
  • How a Tax Subpoena in Ohio Tests European Privacy Law
  • Cambodia moves to enact comprehensive data privacy law
  • White House ordered to restore Medicaid funding to Planned Parenthood clinics
  • California Attorney General Announces $1.55M CCPA Settlement with Healthline.com
  • Canada’s Bill C-2 Opens the Floodgates to U.S. Surveillance

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.