Credit Suisse reveals ‘data breach’ by former employee

Credit Suisse Group has reportedly warned some of its staff that a former employee made copies of their personal data year ago, including details of their pay.

According to reports by Bloomberg, the ex-employee had legitimate access to the data at the time and transferred it onto a personal device, which was against Credit Suisse policies.

The breach was detected in March 2021 and employees were notified this week after an internal investigation and attempts to recover the data. The delay was partly due to identifying who took the data, a process which involved going to court, according to the newswire.

The data taken included information about salaries between 2013 and 2015, as well as bank details used to for salary payments. The data varies by employee and the investigation found no evidence that the data was shared or used maliciously.

“Having investigated it thoroughly, we have taken and are continuing to take steps – including legal remedies — to adequately contain the incident,” the Zurich-based company said in a statement to Bloomberg. “To date, there is no evidence of any onward transmission or intent to use the data in any way.”

This follows the news that US-based private-equity firm Apollo Global is reportedly in talks to buy a stake in Credit Suisse’s investment bank.

    Share Story:

Recent Stories


The human firewall: Activating employees to safeguard financial data
As financial services increasingly embrace SaaS and cloud-based technologies, they face emerging threats to safeguard sensitive customer data. While comprehensive IT security measures are essential, the active involvement of employees across organisations is pivotal in ensuring the protection of sensitive data.

Building a secure financial future for instant payments: The convergence of ISO 20022 and fraud detection
The financial landscape is rapidly evolving its approach to real-time transactions under the ISO 20022 standard, and financial institutions must take note. With examples such as the accelerated adoption of SEPA Instant Credit Transfers in Europe and proposed New Payment Architecture (NPA) programme in the UK, the need for swift and effective fraud detection is more crucial than ever.

Data Streaming and Consumer Duty: Transforming customer experience in banking
Introduced at the end of July, the Consumer Duty is a game-changing new set of rules and guidance for financial services institutions in the UK, and companies must look to modernise their systems in adherence with it in mind to create the best customer experience possible.

From insight to action: Empowering financial institutions through advanced technology and collaborative information sharing
The use of Information sharing in enhancing financial crime prevention has been universally agreed as being beneficial. However no-one has been able to agree on how information can be shared safely without breaching data protection laws or having the right systems to facilitate this, Information sharing has re-emerged as a major consideration for financial institutions (FIs) ahead of the Economic Crime and Corporate Transparency Bill being made into law in the UK.