P2019-ND-186

Servus Credit Union Ltd.

On August 1, 2019, an unauthorized individual was able to successfully access a member?s account. The incident occurred when online banking access was granted over the phone via poor authentication practice by an agent of the Organization, contrary to posted policy. The incident was discovered on August 2, 2019 when the unauthorized individual contacted the Organization again and spoke to a different agent who refused access, cancelled online banking, and contacted Corporate Security. The breach was discovered during a subsequent investigation.

File Type: pdf
Categories: 2019
Tags: Unauthorized access