Today, we received notification from Capital One Canada, that five months ago their computer systems were breached and our personal credit information, along with a million other Canadians, was stolen, which also included our social insurance numbers. A few months ago, we received a similar notice from the BMO for basically the same reason.
These financial institutions demand their customer’s comprehensive personal information, but don’t seem to be able to keep the information secure. In the case of Capital One, the breach happened in March, but they didn’t catch it for four months and then took another month to notify us.
Capital One offered their apologies and stated they didn’t believe any of our personal information had been used, but could offer no assurances. They have offered free identity theft insurance for two years with a third-party company called TransUnion.
First of all, one’s social insurance number is valid indefinitely and can still be used long after the two years is up, Secondly, I did an online search of TransUnion with numerous consumer agencies, including Consumer Affairs, and the company gets horrible ratings.
On one consumer agency site, TransUnion received 84% one-star reviews, which is the lowest rating that reviewers may give. The comments were very unflattering.
TransUnion, of course, requires all of one’s personal information and it appears that Capital One believes that by offering a two-year insurance coverage with the appalling reviewed, TransUnion, that they have fulfilled their obligation to their clients.
I have written a letter to the president of Capital One insisting on answers and recommend that anyone else who is concerned, to do the same.