Lost Canadian client data not encrypted, says IIROC

The personal financial information of thousands of brokerage industry clients stored in a device lost by an Investment Industry Regulatory Organization of Canada (IIROC) employee was not encrypted, according to the regulatory body.

The device which contained the personal information of some 52,000 brokerage firm customers was password protected but the data itself was not encrypted, said Lucy Becker, vice president of public affairs at IIROC.
(image from ShutterStock.com)

Leaving such data unencrypted is against the organization’s policy on protecting information it collects and IIROC is now conducting a comprehensive review to strengthen its policies and internal controls concerning its IT security and the collection, sharing and protection of confidential information, Becker said in an interview with the online financial publication InvestmentExecutive.com.

RELATED CONTENT

Insurance regulator loses data of 52,000 people
IIROC data loss preventable: Privacy commissioner

Becker said, her organization has a hired an outside expert to review its internal controls and information management practices.

The device containing the information was reportedly lost five or six weeks ago, but IIROC has declined to confirm the details around the incident. It was later reported that the device that was lost was a laptop. Becker said once IIROC learned of the data loss, the organization out to recreate the data and as of March 22, a third party forensic expert had determined the extent of the problem.

It was only early this month that IIROC came out publicly about the data loss.

Ian Russell, president and CEO of the Investment Industry Association of Canada (IIAC) said he expects to meet with IIROC officials next week to find out more about the incident and to offer his help.

It was a disappointment, he said, that as a trade association representing 32 firms that were impacted by the loss the IIAC was not immediately “brought in the loop.”

Read the whole story

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now