Wealthsimple Data Breach Affects Less Than 1% of Clients
Wealthsimple, a leading Canadian digital wealth manager, has revealed a data breach impacting a small fraction of its clients. The incident, discovered on August 30, 2023, compromised personal information but did not result in any funds being accessed or stolen.
The breach occurred due to a supply chain attack via a trusted third-party software package, although the specific developer's name has not been publicly disclosed. Wealthsimple, established in 2014 and managing over C$84B in assets for 3M clients, has offered affected customers two years of free credit monitoring, darkweb monitoring, ID theft protection, and insurance.
Compromised data includes personal information such as contact details, government IDs, financial details, IP addresses, and dates of birth. However, passwords remained secure, and no funds were impacted. Less than 1% of Wealthsimple's clients were affected by the incident.
Wealthsimple, recognized for its robo-advisory portfolios, commission-free stock/ETF trading, crypto, tax filing, and savings accounts, has bolstered its security measures and notified regulators following the breach. The company's swift response and compensation offer aim to mitigate potential damages for affected clients.
