The Niverville Credit Union was one of many credit unions across the province, and even the country, to close its doors to members last week. The reason? A potential breach to a key cybersecurity system.
The red flag incident, which occurred on June 8, resulted in the implementation of a crisis response plan by Celero Solutions, a Calgary-based company that provides digital technology services to credit unions and financial institutions across Canada. The incident was described by Celero as “unauthorized access to the company’s systems.”
“We immediately convened our incident response team and took a number of security measures,” the company said in a statement to the CBC on Monday. “We have received assurances that our network and systems are secure.”
On Friday of last week, two days after the incident occurred, Celero told the CBC that there had been no evidence that any member data had been compromised at that point.
“The ability of some members to access online services may be impacted due to individual credit union’s actions as part of the ongoing investigation and response into the incident,” the company said.
Ken Rempel, CEO of the Niverville Credit Union (NCU), says that, out of an abundance of caution, some of their systems were immediately taken offline and in-branch transactions were paused.
Even so, Rempel says that NCU’s three NCU branches, located in Niverville, Steinbach, and Landmark, were able to continue to provide telephone service, online and mobile banking, ATM, Point of Sale service, and e-transfer services.
“On Monday, June 13, our Niverville and Steinbach branches opened to provide cash transactions and loans administration services, as well as continuing to provide telephone services,” says Rempel. “On Tuesday, June 14, our Landmark branch opened to provide these same services. We are making progress by the day, and we will share updates as relevant information becomes available.”
As to whether Rempel feels NCU members have any cause for concern, he suggests that the response to the threat was rapid and security measures were amped up upon discovery of the incident.
“Our primary focus is to secure systems and protect member information,” Rempel adds. “We will provide an update to any individual members should one be warranted.”
Amie Warkentin is the director of strategic communications for Credit Union Central of Manitoba. She says that credit unions are highly regulated and take cybersecurity very seriously.
“The integrity of member data is a top priority for credit unions at all times,” Warkentin told the CBC. “Credit unions take action on an ongoing basis to ensure the safety and security of their systems.”
According to the Celero Solutions website, the company boasts a cybersecurity rating of 86 out of 100 and they describe themselves as “a complete security solution that allows financial institutions to prepare for, defend against, and respond to cyber attacks.”