Home / Crime and Justice / 750,000 Canadians Targeted in Major Data Breach
750,000 Canadians Targeted in Major Data Breach
20 Jan
Summary
- Roughly 750,000 Canadians had sensitive data exposed in a cyberattack.
- Exposed data includes birth dates, income, and government-issued ID numbers.
- Affected individuals receive two years of free credit monitoring and protection.
The Canadian Investment Regulatory Organization (CIRO) recently confirmed that a cyberattack in mid-August 2025 resulted in the exposure of sensitive data belonging to roughly 750,000 Canadian investors. The organization, established in 2023 to oversee Canada's investment market integrity, conducted an extensive forensic investigation lasting over 9,000 hours to understand the full scope of the breach.
The investigation revealed that personal information such as dates of birth, phone numbers, annual income, social insurance numbers, government-issued ID numbers, and investment account statements were accessed by hackers. While critical login details like passwords and security questions were reportedly not compromised, the exposed data poses a significant risk for targeted phishing attacks.
CIRO has assured that the compromised data has not been found on the dark web or misused. As a proactive measure, all 750,000 affected Canadians are being offered two years of complimentary credit monitoring and identity protection services. Affected individuals will be directly contacted by CIRO with instructions for enrollment, while those who do not receive notification can reach out to the organization.
