The group president and CEO of Desjardins was called to testify for his company, following a massive data breach incident that left the data of all of the co-operative’s 4.2 million clients exposed.
Chief executive Guy Cormier spoke to Quebec legislators on Thursday, The Canadian Press reported. In his testimony, he said that data thefts happen all the time, adding that lawmakers should redirect their attention from his company and “expand” their focus to include the larger problems surrounding securing personal information.
Cormier also mentioned other cases of major data breaches in recent memory, specifically those involving Marriott, Disney and Sephora. He also called internal fraud the “bete noire” of all organizations.
In June, Desjardins initially reported that the information of 2.9 million customers had been affected by the breach, which was caused by an employee who leaked the data. The information compromised involved names, addresses, birth dates, social insurance numbers, email addresses, and even data on transaction habits.
The information did not include banking data or passwords.
Cormier said that his company has “worked hard” since June to address the data breach.
“We fired the employee at fault. We developed new protections that are unequalled in Canada and also in a record time,” he explained.
The chief executive added that his bank invests $70 million annually in IT protection and cybersecurity.
Adamant that his company handled the situation as best it could, Cormier suggested that other companies that have suffered breaches of their own could learn a lesson from Desjardins.
“Who else acted with as much transparency, and the same sense of duty that Desjardins has shown in the past months?” he said.
The Canadian Press said that the Quebec government is preparing two bills related to personal data security. Both are scheduled to be tabled in the weeks to come.