Vaughan Spa

WARNING: Massive data breach of Canadian Brokerage Accounts

Previous Thread Next Thread
S

stinkynuts

Super
Jan 4, 2005
8,811
3,100
113

There was a massive data breach of Canadian brokerage accounts (not all).

The data that was leaked is very sensitive and includes:

Your full name
Address
Date of Birth
Government ID number and information
Annual Income
SIN Number
Brokerage Account Numbers
Account balances

Just a heads up. If you notice anything strange, be sure to take extra precautions. The data that has been leaked is so sensitive that a sophisticated scammer can wipe your account clean.

www.ctvnews.ca

CIRO says about 750K people’s data affected by cybersecurity incident

The Canadian Investment Regulatory Organization says about 750,000 Canadian investors may have had personal information compromised in a data breach last year.
www.ctvnews.ca www.ctvnews.ca
 
Last edited:
  • Like
  • Wow
Reactions: Muchadoaboutnothing, God of War and Trevor Wong
S

stinkynuts

Super
Jan 4, 2005
8,811
3,100
113
Since they have your phone number, if they manage to convince your cell phone carrier to swap SIMs, it's all over. They then have full access to your brokerage account and can wipe it clean. Be extremely vigilant of any signs that your SIM card has been swapped (SOS Mode with no service), or a message saying that your cell phone number is being ported to a new phone.

Never respond to text messages regarding financial information. If you receive a text saying your account has been compromised, NEVER respond, or call the number in the text. Immediately go the bank in person or call the toll free number on the back of your card.
 
  • Like
Reactions: Muchadoaboutnothing, God of War and Trevor Wong
God of War

God of War

Member
Aug 12, 2022
38
29
18
stinkynuts said:

There was a massive data breach of Canadian brokerage accounts (not all).

The data that was leaked is very sensitive and includes:

Your full name
Address
Date of Birth
Government ID number and information
Annual Income
SIN Number
Brokerage Account Numbers
Account balances

Just a heads up. If you notice anything strange, be sure to take extra precautions. The data that has been leaked is so sensitive that a sophisticated scammer can wipe your account clean.

www.ctvnews.ca

CIRO says about 750K people’s data affected by cybersecurity incident

The Canadian Investment Regulatory Organization says about 750,000 Canadian investors may have had personal information compromised in a data breach last year.
www.ctvnews.ca www.ctvnews.ca
Click to expand...
stinkynuts said:
Since they have your phone number, if they manage to convince your cell phone carrier to swap SIMs, it's all over. They then have full access to your brokerage account and can wipe it clean. Be extremely vigilant of any signs that your SIM card has been swapped (SOS Mode with no service), or a message saying that your cell phone number is being ported to a new phone.

Never respond to text messages regarding financial information. If you receive a text saying your account has been compromised, NEVER respond, or call the number in the text. Immediately go the bank in person or call the toll free number on the back of your card.
Click to expand...
stinkynuts said:
Click to expand...
Thanks for the heads up.

That is why I don't trust financial planners or one bank to absorb all my money. Especially when they only guarantee your deposit up to $100,000 per account through CDIC.
 
  • Like
Reactions: Muchadoaboutnothing, stinkynuts and Trevor Wong
R

rajput

Active member
Sep 19, 2023
186
132
43
How would they get securities out of your brokerage account? It’s not that easy to transfer stocks out. Plus there’s all that multi factor authentication.
 
  • Like
Reactions: Trevor Wong
C

Caspertheghost

Well-known member
Jan 27, 2005
1,668
753
113
If you have your trading account at same bank as your savings and chequing accounts, and they are linked, they can sell your securities and then go to your other accounts and perform cash transfers, etc. There is another layer of security there, but it is the last barrier….
 
  • Like
Reactions: stinkynuts
S

stinkynuts

Super
Jan 4, 2005
8,811
3,100
113
Caspertheghost said:
If you have your trading account at same bank as your savings and chequing accounts, and they are linked, they can sell your securities and then go to your other accounts and perform cash transfers, etc. There is another layer of security there, but it is the last barrier….
Click to expand...
Exactly.

Usually the two are linked. Meaning electronic transfers online are very simple to make to gain access to your online account. All they need is your account number and your telephone number to send the security code to.
 
  • Like
Reactions: Muchadoaboutnothing
A

angrymime666

Well-known member
May 8, 2008
1,194
789
113
Caspertheghost said:
If you have your trading account at same bank as your savings and chequing accounts, and they are linked, they can sell your securities and then go to your other accounts and perform cash transfers, etc. There is another layer of security there, but it is the last barrier….
Click to expand...
Some platforms have a secondary password to buy sell any securities which is different than your login password. Just another level of security
 
  • Like
Reactions: Trevor Wong and stinkynuts
S

Scroty McDickface

New member
Dec 8, 2025
21
12
3
Caspertheghost said:
If you have your trading account at same bank as your savings and chequing accounts, and they are linked, they can sell your securities and then go to your other accounts and perform cash transfers, etc. There is another layer of security there, but it is the last barrier….
Click to expand...
So they sell like 30 of your positions, wait for the settlement date, then wait to transfer the cash out, all which must be done during business hours. Also a large transfer of money has to be approved by a human at the brokerage. This is like 3 business days to wipe out your account and you can see any trading activity or transactions. Interac e-Transfer limits vary by bank but generally cap single transfers around $3,000, with daily rolling limits around $3,000–$10,000, weekly limits around $10,000, and monthly limits between $20,000–$30,000.
 
Last edited:
  • Like
Reactions: Trevor Wong
S

stinkynuts

Super
Jan 4, 2005
8,811
3,100
113
angrymime666 said:
Some platforms have a secondary password to buy sell any securities which is different than your login password. Just another level of security
Click to expand...
This is actually the strongest layer of security, since only you know it. There’s no way to bypass it.

Obviously, it will be pointless to have the security feature. If the system didn’t lock you out after a few attempts. If they didn’t, they could just try to combination since the combination is only four digits.

Anyone with a brokerage account should activate this feature. I know TD has it.
 
  • Like
Reactions: Goodoer and Trevor Wong
A

angrymime666

Well-known member
May 8, 2008
1,194
789
113
stinkynuts said:
This is actually the strongest layer of security, since only you know it. There’s no way to bypass it.

Obviously, it will be pointless to have the security feature. If the system didn’t lock you out after a few attempts. If they didn’t, they could just try to combination since the combination is only four digits.

Anyone with a brokerage account should activate this feature. I know TD has it.
Click to expand...
I think scotia itrades as well
 
G

Goodoer

Doing Good. Looking for cohorts.
Feb 20, 2004
3,280
2,357
113
GTA & Thereabouts...
stinkynuts said:
This is actually the strongest layer of security, since only you know it. There’s no way to bypass it.

Obviously, it will be pointless to have the security feature. If the system didn’t lock you out after a few attempts. If they didn’t, they could just try to combination since the combination is only four digits.

Anyone with a brokerage account should activate this feature. I know TD has it.
Click to expand...
I’ll check out my TD now. Thanks!
 
  • Like
Reactions: Trevor Wong and stinkynuts
S

stinkynuts

Super
Jan 4, 2005
8,811
3,100
113
farquhar said:
My Mother got a letter from CIRO last night indicating that she is included in this data breach.

CIRO has offered 2 Years of Free Credit Monitoring with TransUnion and Equifax.

There is also a Class Action Lawsuit pending.
Click to expand...
If your mother is elderly, there’s a very good chance she could fall to a scam. Make sure she makes no major transactions without your knowledge.

Scammers will convince elderly people not to tell anybody. There is a high risk that your mother could lose everything in her account if she doesn’t take precautions.
 
  • Like
Reactions: Muchadoaboutnothing and Trevor Wong
F

farquhar

Well-known member
Jan 25, 2019
1,367
1,371
113
stinkynuts said:
If your mother is elderly, there’s a very good chance she could fall to a scam. Make sure she makes no major transactions without your knowledge.

Scammers will convince elderly people not to tell anybody. There is a high risk that your mother could lose everything in her account if she doesn’t take precautions.
Click to expand...
Well, her account is with CIBC Wood Gundy; while there is an Online Portal, only the Investment Advisor is able to sell securities and withdraw funds to the linked Bank Account. There is no functionality to do that Online.

That doesn't mean that someone couldn't attempt to impersonate her; but the Advisor knows what her usual transaction activities are, and I am her Power of Attorney/Trading Authority as well.

If there were an unusual request from someone pretending to be my Mother by phone or e-mail, he would phone me immediately to verify.

I also have access to her Bank Account, so I can monitor that. And she doesn't know how to use a computer or cellphone, so perhaps that helps her avoid scams as well.

Unfortunately, I don't have the option to freeze her Credit File like consumers in Quebec and British Columbia do.

Now that her info is out there, it's out there forever; CIRO deserves to get sued, and I hope they settle quickly and don't drag the process out.
 
Last edited:
  • Like
Reactions: Trevor Wong and stinkynuts
Muchadoaboutnothing

Muchadoaboutnothing

There was a star danced, and under that was I born
Feb 18, 2023
1,377
886
113
Insula Avallonis
stinkynuts said:
If your mother is elderly, there’s a very good chance she could fall to a scam. Make sure she makes no major transactions without your knowledge.

Scammers will convince elderly people not to tell anybody. There is a high risk that your mother could lose everything in her account if she doesn’t take precautions.
Click to expand...
This happened to my grandmother on more than one occasion. Crazy because shes always been super cheap but somehow was okay giving $10,000 three times to scammers. Same with my uncles dad. It was just awful
 
  • Like
Reactions: stinkynuts
You must log in or register to reply here.
Ashley Madison
Previous Thread Next Thread
Toronto Escorts
Top Bottom