The Canadian Investment Regulatory Organization (CIRO) serves as the country’s national self-regulatory authority for investment dealers and marketplaces, with responsibilities that include investor protection, regulatory enforcement, and ensuring the integrity and efficiency of Canada’s capital markets.
CIRO has disclosed that a phishing attack in August 2025 led to the unauthorized access and theft of personal information belonging to approximately 750,000 individuals. While the incident required certain systems to be taken offline as a precaution, the organization confirmed that its core operations remained unaffected.
According to CIRO, the security incident was swiftly contained, and investigations found no evidence of an ongoing threat. The compromised data primarily related to member firms and registered employees, along with some investor and investigative records.
The organization detected the cyber intrusion in August 2025 and acted promptly to limit its impact. CIRO informed law enforcement and relevant regulatory authorities and engaged external cybersecurity specialists to conduct a detailed forensic investigation. Findings revealed that only a restricted portion of investigative, compliance, and investor-related data had been copied.
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: