Desjardins Group says the former employee suspected of responsibility for a massive data breach had access to the personal information of a further 1.8-million credit card holders.
These credit card holders are not members of Desjardins, Canada’s biggest federation of credit unions. They are in addition to the 4.2 million members already known to be affected by the data breach, which was first made public in June.
On a conference call Tuesday, Desjardins’ executives said they don’t believe the personal information of the credit card holders was transferred to a third party.
They said it appears that while the suspect, who has since been fired, had access the personal information of the credit card holders, he didn’t have access to their credit card numbers themselves or to their personal identification numbers (PINs).
Desjardins also announced Tuesday that it isextending its credit-monitoring insurance to anyone who does business with the institution.
The insurance was initially available to those members who were affected by the breach. It will now be available to both members and clients — an estimated 8 million people across Canada.