Wealthsimple says some SINs accessed in ‘data security incident’

Wealthsimple says some Canadian clients have had their personal data — including Social Insurance Numbers — compromised in a 'data security incident.'

Wealthsimple says some Canadian clients have had their personal data — including Social Insurance Numbers and other sensitive information — compromised in a “data security incident” on Aug. 30.

A statement by the popular personal finance and investing platform posted on Sept. 5 says it detected the incident on Aug. 30 and “all accounts remain secure, and no funds were accessed or stolen.”

“We acted quickly and in a few hours the issue was contained. Our security team, with the help of external experts, immediately began a thorough investigation,” Wealthsimple said in the statement.

“We learned that a specific software package that was written by a trusted third party had been compromised. This resulted in personal data belonging to less than one per cent of our clients being accessed without authorization for a brief period.”

Global News received confirmation from Wealthsimple that the company has “about 3 million clients.”

Wealthsimple says in its statement that it has sent out emails to affected users, and adds that if clients did not receive an email from them as of 10:30 a.m. Eastern regarding this specific incident, then their data was not compromised.

“We take the trust you put in us very seriously. And intrinsic to that trust is being transparent. That’s why we notified our clients as soon as possible, shared as much information as we could, and let them know we’re dedicated to doing everything we can to support them,” the statement says.

“Most importantly, we apologize to those clients whose data was accessed — and to all our clients, because threats to personal data can cause a lot of anxiety.”