Skip navigation
Navigation skipped
About BMO

News Releases

BMO Contacting Affected Customers Directly to Reassure Them Personal Information is Secure  

 

BMO Financial Group today announced that it is contacting customers whose information was contained on two obsolete computer servers to reassure them that their accounts remain secure and that their personal information was not compromised.   According to BMO, the information found on the servers pertained to approximately 350 customers.

Late Friday, September 12, BMO discovered that a contracted third party supplier had mistakenly shipped two bank computer servers to a ‘reseller’ before the customer data had been ‘scrubbed’ or deleted from the servers by the bank’s supplier.

“We moved immediately to contact the individual who had purchased the servers and had the servers and the data back in our possession the next day,” said Dina Palozzi, Chief Privacy Officer for BMO Financial Group.  He cooperated with us fully and was responsible enough to hold the equipment and data for us to pick up.”

She added that customer information and accounts remain secure as no one other than the bank has possession of this customer data.

“We are contacting our customers directly to explain what has happened and to assure them that their information has not been compromised.  We will continue to monitor their accounts as an added precaution.  Equally important, we are taking steps with all suppliers to ensure this does not happen again,” said Palozzi.

Palozzi said that BMO has initiated a complete review of its processes and those of its third party providers to identify how the current process can be improved.

“Because this was human error, the first thing we can do is to ask our suppliers to review, with their staff, their own processes and safeguards; to provide their staff with additional coaching and training; and to ensure everyone understands and renews their commitment to protecting our customer information,” she said.  “We’re looking at everything to see what additional layers of precaution we can incorporate into our existing processes.

“Privacy of personal information is paramount to us. We take this extremely seriously,” added Palozzi.

-30-