Bank of Nova Scotia Data Breach (2011)

Richard Wilson, an employee of the Bank, has admitted to providing private and confidential information of Bank customers to his girlfriend, who then disseminated the private information to third parties for fraudulent and improper purposes. As a result of the Bank employees conduct, a substantial number of the Banks customers became victims of identity theft and fraud, which has negatively affected their credit rating. [3] Wilson was employed by the Bank as a Mortgage Administration Officer, from September 24, 2007, until June 12, 2012. In this position he had access to highly confidential customer information. [4] The Bank identified a marked spike in the number of customer files accessed by Wilson commencing on or about July 1, 2011. The Bank has identified 643 Bank customers (the Notice Group) whose files were accessed by Wilson from July 1, 2011, until his computer access was terminated on May 18, 2012. [5] In June of 2012, the Bank wrote to the Notice Group and advised them that it was possible that there had been unauthorized access to their private information held by the Bank. The Bank offered them a complimentary subscription to a credit monitoring and identity theft protection service. To date, 138 members of the Notice Group have advised the Bank that they have been the victims of identity theft or fraud in the past year. The Bank has compensated these victims for the pecuniary losses that they have suffered.