Log In
Register
Topic RSS
Facebook
Twitter
Email this1:21 pm
September 7, 2018
Offline
CIRO-OCRI Canadian Investment Regulatory Organization has advised that they have experienced a cybersecurity incident in August 2025 involving unauthorized access to personal information - they are now advising the 750,000 Canadian investors affected. No doubt some of you have either already received the letter or will receive it shortly.
1:41 pm
January 12, 2019
Offline
.
Link❓
- Dean
" Live Long, Healthy ... And Prosper! "
6:59 pm
March 15, 2019
Offline
canadian.100 said
CIRO-OCRI Canadian Investment Regulatory Organization has advised that they have experienced a cybersecurity incident in August 2025 involving unauthorized access to personal information - they are now advising the 750,000 Canadian investors affected. No doubt some of you have either already received the letter or will receive it shortly.
Yes, already received the letter. What now?
"What now brown cow?"
4:58 am
September 7, 2018
Offline
COIN said
Yes, already received the letter. What now?
"What now brown cow?"
I see information now appearing on this cybersecurity breach just by doing a simple search on the internet - start with CIRO. Canadian Investment Regulatory Organization. I guess personal information for 750K persons has been accessed - probably not much can be done once the horse is out of the barn.
I note a reference to a possible class action. More to come............
7:35 pm
March 15, 2019
Offline
I was with Simplii when they got hacked.
Didn't lose any money. Simplii paid me $90 to put the issue to rest. No legal action.
9:44 am
January 10, 2017
Offline
Dean said
.
Link❓
Dean
https://www.ciro.ca/ciro-cyber.....istrants#1
Question I have is if a person was affected but never received the letter (not sent, lost in transit, etc) how can they confirm they were or were not impacted?
5:56 am
January 9, 2011
Offline
COIN said
Yes, already received the letter. What now?
"What now brown cow?"
Just received my letter yesterday. Same question - "What now brown cow?" They offer free credit monitoring and identity theft protection for 2 years. I'm already a 'basic free member', so I'll see what it takes to get onto this (normally) pay service and let everyone know here. I suppose taking this may cancel the ability to join a class action...
My memory's not as sharp as it used to be. Also, my memory's not as
sharp as it used to be.
6:20 am
January 9, 2011
Offline
dougjp said
Just received my letter yesterday. Same question - "What now brown cow?" They offer free credit monitoring and identity theft protection for 2 years. I'm already a 'basic free member', so I'll see what it takes to get onto this (normally) pay service and let everyone know here. I suppose taking this may cancel the ability to join a class action...
Not difficult. If you are a free member and sign in at members.transunion, this offer has a different (pay site) URL as stated in the letter, so after entering the code given just sign up and it works.
My memory's not as sharp as it used to be. Also, my memory's not as
sharp as it used to be.
10:03 am
December 16, 2020
Offline
Received my letter dated Jan 24, 2026 as follows ---> “Our investigation now indicates that your personal information was accessed during this incident, unfortunately, this includes your address, date of birth, phone number, social insurance number, account number.”
Transunion server offered for registration of free 2 year account was down for me last week (likely crashed due to number of people accessing after receiving their letters), so I called Transunion and Equifax directly and they put a “Fraud Alert” warning on my account. Amazingly, this warning comes 5 months after the actual incident.
Canadians in most provinces can also freeze their credit, but unfortunately BC does not allow this yet.
There is an application for Class Action but if history is any guide, I expect any settlements to be paltry in relation to the grief and possible future stress this lack of protection of investors sensitive data entails.
10:17 am
December 16, 2020
Offline
Lex Group Inc. has launched a class action against the Canadian Investment Regulatory Organization (CIRO) / Organisme Canadien De Réglementation Des Investissements (OCRI), regarding a data breach which occurred on or about August 11, 2025.
10:28 am
December 16, 2020
Offline
A former dealing representative has asked the Superior Court of Quebec to authorize a class action against the Canadian Investment Regulatory Organization (CIRO), alleging the regulator failed to protect private information, and seeking damages. The application pertains to the regulator’s cybersecurity breach last summer that exposed the personal data of registrants past and present.
The plaintiff (whom we’ve agreed not to name) was a rep with DWM Securities Inc. in Lachine, Que. He hasn’t been registered since 2013, according to the Canadian Securities Administrators’ (CSA) national registration search.
The class action application states that the plaintiff wishes to institute a class action on behalf of “all persons in Canada whose personal or financial information was held” by CIRO “and was compromised in the data breach … or who received an email or letter from [CIRO] informing them of such data breach.”
3:57 pm
January 9, 2011
Offline
ExtraSauce said
A former dealing representative has asked the Superior Court of Quebec to authorize a class action against the Canadian Investment Regulatory Organization (CIRO), alleging the regulator failed to protect private information, and seeking damages. The application pertains to the regulator’s cybersecurity breach last summer that exposed the personal data of registrants past and present.The plaintiff (whom we’ve agreed not to name) was a rep with DWM Securities Inc. in Lachine, Que. He hasn’t been registered since 2013, according to the Canadian Securities Administrators’ (CSA) national registration search.
The class action application states that the plaintiff wishes to institute a class action on behalf of “all persons in Canada whose personal or financial information was held” by CIRO “and was compromised in the data breach … or who received an email or letter from [CIRO] informing them of such data breach.”
Sounds very much like someone " not-voluntarily-retired-seeking-pension" &/or revenge-for-having-been let go....
I have yet to read anything about anyone having been subjected to specific damage. Not saying it couldn't happen, but, it's been 6 months, and crickets?
My memory's not as sharp as it used to be. Also, my memory's not as
sharp as it used to be.
4:59 pm
April 27, 2017
Offline
Per person compensation is likely to be small. But it's not a bad idea to start imposing costs on orgs which allow the breaches. Right now they get away too cheaply, so little incentive to invest in security. Breaches are becoming more and more frequent.
