Cyber attack on Promutuel: no financial information disclosed

Visibility360, PDF version to share

By Hubert Roy | Jan. 18, 2021, 5:06 p.m.

PROMUTUEL | Cyberrisks

Photo: Freepik

The cyber attack that hit Promutuel Assurance took a new turn last week.

The Journal de Montréal’s investigation bureau reported on January 13 that data from 15 of the insurer's client files had been posted on the dark web. This revelation prompted the insurer to issue its second update on the situation in the past week. Its only announcement prior to this was when the cyber attack struck on December 12.

Promutuel confirmed the breach affecting these 15 files. In a press release on Jan. 15, it stated that the analysis of these files has been completed and that they do not contain any Social Insurance Number (SIN), driver's license number, credit card number or any other banking information. On Jan. 18, the insurer also said that, so far, the leaked files belong to the group’s employees and retirees. No client data has been compromised, according to Promutuel.

Promutuel added that the situation has been reported to the regulatory authorities and to the police. It is continuing its investigation.

The insurer adamantly denies that it is taking this crisis too lightly. We are treating this situation seriously and will deploy all necessary measures to protect those potentially affected, its website read.

Telephone system

Incidentally, setting up an emergency telephone system can create its own hurdles, the website adds. The insurer points out that the system records an error code when the number used is hidden.

This prevents the insurer from hearing the caller’s message. To allow proper follow-up of a claim, Promutuel advises insured to avoid hiding their telephone number when they call the system. 

Promutuel's customers who deal with brokers are invited to contact the broker for details regarding their insurance coverage.

For people who are unable to reach the insurer by phone, Promutuel has set up an email address: [email protected].

As for when its systems will be operational again, Promutuel says the recovery will be implemented gradually over the next few weeks.

Latest advisory: Fraudulent calls

On Friday morning, the insurer updated its website again to state that some of its insured members have been called by people impersonating Promutuel Assurance to obtain banking information. The insurer encourages its insured members to be vigilant and not provide this information. They should call their insurer instead. This problem has been reported to the police.

Regarding the resumption of pre-authorized debit payments, a written notice will be sent to insured members with details on the terms and conditions, the insurer’s website says.