Hello All.
I have a question for any of you out there who are somewhat knowledgeable on the topic.
I received a notice from a company that I have an account with and which I pay through bill payments on my online banking (as a payee). The notice was to inform clients that they had a 'cybersecurity incident' and that they found that a lot of client data and information was compromised. They went as far as to say information such as names, addresses, dates of birth, driver license numbers. expiry dates, and even bank account information and credit card information (numbers and expiry dates) were stolen. Luckily, they never had my cc info as I never used it with them.
They advised that we monitor our credit profiles on the two credit bureaus in Canada and to routinely check our bank accounts for suspicious activity. They essentially put the onus on the clients to make sure that their lack of proper security won't harm the client.
So my question is this. How is the company held accountable, if say, a couple of months down the line or a year from now, someone takes a mortgage out in my name with the stolen info? How can this be attributed to that specific data theft? I mean it seems easy for that company to just say that there is no proof that the data was stolen as part of the breach they experienced.
It's scary to think that this happens and it isn't the first, and likely not the last time this will happen to me or others out there. I take precautions and I do check bank accounts daily, and check both my Equifax and Transunion accounts weekly for anything suspicious. I even go as far as to request a parcel register on my home every 6 months just to make sure no one has taken a mortgage out on my property. I am paranoid about that stuff but it seems that it is very difficult to fully protect ourselves from.
I have a question for any of you out there who are somewhat knowledgeable on the topic.
I received a notice from a company that I have an account with and which I pay through bill payments on my online banking (as a payee). The notice was to inform clients that they had a 'cybersecurity incident' and that they found that a lot of client data and information was compromised. They went as far as to say information such as names, addresses, dates of birth, driver license numbers. expiry dates, and even bank account information and credit card information (numbers and expiry dates) were stolen. Luckily, they never had my cc info as I never used it with them.
They advised that we monitor our credit profiles on the two credit bureaus in Canada and to routinely check our bank accounts for suspicious activity. They essentially put the onus on the clients to make sure that their lack of proper security won't harm the client.
So my question is this. How is the company held accountable, if say, a couple of months down the line or a year from now, someone takes a mortgage out in my name with the stolen info? How can this be attributed to that specific data theft? I mean it seems easy for that company to just say that there is no proof that the data was stolen as part of the breach they experienced.
It's scary to think that this happens and it isn't the first, and likely not the last time this will happen to me or others out there. I take precautions and I do check bank accounts daily, and check both my Equifax and Transunion accounts weekly for anything suspicious. I even go as far as to request a parcel register on my home every 6 months just to make sure no one has taken a mortgage out on my property. I am paranoid about that stuff but it seems that it is very difficult to fully protect ourselves from.
