Microsoft 365 remains healthcare’s weakest security link, with breaches rising from 43% in 2024 to 52% in mid-2025. Patient data exposure, soaring costs, and AI-driven cyberattacks in Australia highlight urgent gaps. Policymakers face mounting pressure to safeguard data sovereignty.
Canadian fintech firm Wealthsimple has disclosed a data breach affecting 30,000 clients after a third-party vendor was compromised. The incident exposed sensitive personal information, including Social Insurance Numbers, prompting an immediate response and enhanced security measures.
Artificial Intelligence has become the new battleground of global politics. Washington and Beijing pursue Dual-Carriage Politics, blending economic ambition, military strategy, and social values. From classrooms to trade wars, AI now shapes power, society, and the fragile balance of global order.
Canadian fintech firm Wealthsimple has disclosed a data breach affecting 30,000 clients after a third-party vendor was compromised. The incident exposed sensitive personal information, including Social Insurance Numbers, prompting an immediate response and enhanced security measures.
Cyber News Centre's cyber update for 8th September 2025: Wealthsimple has confirmed a security breach that exposed the personal data of approximately 30,000 of its clients after a third-party software package was compromised.
Wealthsimple is a Canadian online investment management service focused on making investing accessible to everyone. Founded in 2014, the Toronto-based company offers financial services in Canada, including investing, cryptocurrency trading, tax filing, and high-interest savings accounts, serving over three million clients.
Update: Wealthsimple detected a security breach on August 30, 2025, which it contained within hours. The company confirmed on September 6 that the incident stemmed from a compromised third-party software package, not from a direct attack on its own systems. The breach exposed sensitive personal information of fewer than 30,000 clients, including names, contact details, government-issued IDs, account numbers, IP addresses, dates of birth, and Social Insurance Numbers (SINs). Wealthsimple has stated that no client passwords were compromised, and no funds were accessed or stolen.
The company has notified all affected clients directly and is offering two years of free credit monitoring, dark web surveillance, and identity theft protection services. In a statement, the company said,
"All accounts remain secure, and no funds were accessed or stolen. We acted quickly and in a few hours the issue was contained."
Wealthsimple has also informed relevant government regulators and implemented enhanced data security measures.
Why it Matters: This incident highlights the significant and growing risk posed by third-party vendors in the supply chain. Even with robust internal security, organizations remain vulnerable to breaches originating from their partners. For the 30,000 affected Wealthsimple clients, the exposure of their Social Insurance Numbers and other personal data creates a serious risk of identity theft and fraud.
This breach serves as a critical reminder for all financial institutions to rigorously vet and monitor the security practices of their third-party vendors. The incident also underscores the importance of a rapid and transparent response to maintain customer trust in the face of a breach.
Get the stories that matter to you.
Subscribe to Cyber News Centre and update your preferences to follow our Daily 4min Cyber Update, Innovative AI Startups, The AI Diplomat series, or the main Cyber News Centre newsletter — featuring in-depth analysis on major cyber incidents, tech breakthroughs, global policy, and AI developments.
Australian businesses face a 1,265% surge in AI-powered phishing attacks. Cybercriminals use deepfakes, adaptive malware, and hyper-personalised scams while employees inadvertently leak data through AI tools. Expert insights reveal dual threats and essential protection strategies.
Tire giant Bridgestone has confirmed a cyberattack that disrupted manufacturing across its North American facilities. The company is investigating the incident but believes it was contained early, with no customer data compromised. Production has been impacted at multiple plants.
Jaguar Land Rover's global production has been severely disrupted by a cyberattack, with a group of hackers claiming responsibility. The incident has halted manufacturing at key UK plants and impacted retail operations during a peak sales period, raising concerns about supply chain vulnerabilities.
A ransomware attack on IT supplier Miljödata has crippled services for over 200 Swedish municipalities, disrupting HR and healthcare systems. The attack highlights the severe risks of supply chain vulnerabilities in critical public infrastructure, with a police investigation underway.
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead. Sign up for free!
