- CIRO breach exposed sensitive data of 750,000 Canadian investors
- Hackers stole personal details but not passwords or PINs
- CIRO offers two years of free credit monitoring and identity protection
The 2025 cyberattack at the Canadian Investment Regulatory Organization (CIRO) has impacted approximately 750,000 Canadians, as confirmed by the organization.
Established in 2023, CIRO serves as Canada’s national self-regulatory body overseeing investment dealers, trading activities, and market integrity.
In mid-August 2025, CIRO reported a cyberattack and data breach, which necessitated the shutdown of parts of its infrastructure and the initiation of an extensive forensic investigation to ascertain the details of the incident.
CIRO Protects Its Customers
The investigation has concluded, revealing that sensitive data of around 750,000 Canadian investors was compromised. This includes dates of birth, phone numbers, annual income, social insurance numbers, government-issued ID numbers, investment account numbers, and account statements.
Although login details such as passwords, security questions, and PINs were not stolen, CIRO warns that the breach remains serious. With this information, cybercriminals could launch convincing phishing attacks, potentially tricking victims into revealing their login credentials and accessing their investment platforms.
CIRO emphasized that its investigation was thorough, with investigators dedicating over 9,000 hours to the case.
Fortunately, the data has not surfaced on the dark web or been misused. To assist those affected, CIRO is providing two years of free credit monitoring and identity theft protection services, which will be beneficial if phishing attempts arise.
Affected individuals will receive a direct email from CIRO with instructions on how to enroll in the identity protection service. Those who do not receive a notification can contact CIRO directly.
Via BleepingComputer