Desjardins settles 2019 data breach class-action lawsuit for up to nearly $201M

Desjardins settles 2019 data breach class-action lawsuit for up to nearly $201M

by Sue Jones
0 comments 76 views
A+A-
Reset

The agreement, which is subject to approval by the Quebec Superior Court, would allow eligible individuals who were affected by the privacy breach announced in June 2019 to receive a payment.

etat situation coronavirus 20200710

A Caisse populaire Desjardins sign is seen in Montreal on June 18, 2019. (Paul Chiasson/The Canadian Press)

Financial services firm Desjardins Group will pay up to nearly $201 million to settle a class-action lawsuit related to a data breach in 2019 that affected close to 9.7 million Canadians.

The agreement, which is subject to approval by the Quebec Superior Court, would allow eligible individuals who were affected by the privacy breach that came to light in June 2019 to receive a payment.

The settlement applies to members and former members as well as clients and former clients of the financial co-operative who have held Desjardins credit cards or financing products.

Desjardins says there’s no need for people to contact them before the agreement is approved and a claims process begins.

Plaintiff law firms Siskinds Desmeules and Kugler Kandestin say the agreement provides compensation for loss of time related to the personal information breach, as well as compensation for identity theft.

It also provides members Equifax credit monitoring service coverage for five years, and an extension by at least five years of the other protective measures implemented by Desjardins following the breach.

Details of the settlement are available at www.desjardinssettlement.com or by calling 1-888-886-7164.

A report by the federal Privacy Commissioner attributed the data breach to a series of technological and administrative gaps at Desjardins.

For at least 26 months, a rogue employee siphoned sensitive personal information collected by Desjardins from customers who had purchased or received products through the organization, a report by the commissioner found.

For some, the data included first and last names, dates of birth, social insurance numbers, street addresses, telephone numbers, email addresses and transaction histories.

The breach occurred over a period of more than two-years before Desjardins became aware of it, which happened only after the organization had been notified by police, according to the report.

Read More

You may also like

Leave a Comment