Credit Suisse Group has reportedly warned some of its staff that a former employee made copies of their personal data year ago, including details of their pay.
According to reports by Bloomberg, the ex-employee had legitimate access to the data at the time and transferred it onto a personal device, which was against Credit Suisse policies.
The breach was detected in March 2021 and employees were notified this week after an internal investigation and attempts to recover the data. The delay was partly due to identifying who took the data, a process which involved going to court, according to the newswire.
The data taken included information about salaries between 2013 and 2015, as well as bank details used to for salary payments. The data varies by employee and the investigation found no evidence that the data was shared or used maliciously.
“Having investigated it thoroughly, we have taken and are continuing to take steps – including legal remedies — to adequately contain the incident,” the Zurich-based company said in a statement to Bloomberg. “To date, there is no evidence of any onward transmission or intent to use the data in any way.”
This follows the news that US-based private-equity firm Apollo Global is reportedly in talks to buy a stake in Credit Suisse’s investment bank.
Recent Stories