Home / Fraud / The Canadian Investment Regulatory Organization (CIRO) Suffers Data Breach Exposing Information of 750,000 Canadian Investors

The Canadian Investment Regulatory Organization (CIRO) Suffers Data Breach Exposing Information of 750,000 Canadian Investors

2026-01-19 Per Henrikson

A sophisticated phishing attack hit the Canadian Investment Regulatory Organization (CIRO), the national self-regulatory body overseeing investment dealers, mutual fund dealers, and trading activity in Canada. The attack occured in August 2025. Following a sophisticated phishing attack, approximately 750,000 Canadian investors had their sensitive personal and financial information compromised. The initial access was achieved via phishing, mapped to MITRE ATT&CK technique T1566: Phishing. The sophistication of the attack suggests the possible use of spearphishing attachments (T1566.001) or spearphishing links (T1566.002).

Source: www.rescana.com

The Canadian Investment Regulatory Organization (CIRO) Suffers Data Breach Exposing Information of 750,000 Canadian Investors

Dubai Police Warn of Digital Identity Fraud Attempts

Mecedonian citizens will have their ID cards and driver's licenses on their

Facephi Enters the Japanese Identity and Fraud-Prevention Market via Hancom

Sri Lanka plans ‘Digital Identity Card’ and a ‘Super App’ that will enable access to all Government services

Veremark acquires RMI to double down on Southeast Asia’s trust economy