Alleged mastermind in major data theft, fraud at Desjardins among 5 arrested

Quebec provincial police have arrested five people in connection with a multimillion-dollar fraud and the theft of data belonging to almost 10 million clients of the co-operative financial group Desjardins.

Among those arrested, police said Thursday, is the alleged architect of the scheme, Sébastien Boulanger-Dorval, 42, who worked in the marketing department at the financial institution until 2019, the year the theft was discovered.

The four other people arrested are Jean-Loup Masse-Leullier, 32, François Baillargeon-Bouchard, 35, Laurence Bernier, 29, and Charles Bernier, 31. They face charges including fraud, identity theft, and trafficking in identity information.

Police said arrest warrants have been issued for three other people allegedly involved in the crimes at Desjardins: Mathieu Joncas, 38, Maxime Paquette, 38, and Juan Pablo Serrano, 38.


Breaking news from Canada and around the world
sent to your email, as it happens.

At a news conference in Quebec City on Thursday, provincial police spokesman Benoît Richard said the investigation “shed light on how suspects obtained personal information, the ways in which this personal information was then traded between suspects and how these lists were sold to malicious individuals operating several fraud schemes.”

Story continues below advertisement

On Wednesday, Montreal-area police said they had arrested three people connected to the case: Ayoub Kourdal, 36; Imad Jbara, 33; and an unnamed third person. Laval police said the three suspects used the stolen Desjardins data to commit fraud totalling $8.9 million between September 2018 and January 2019.

The Office of the Privacy Commissioner of Canada and the Commission d’accès à l’information du Québec published scathing reports in 2020 that concluded Desjardins failed to show the level of attention required to protect its customers’ data.

The OPC report said Desjardins notified the federal office on May 27, 2019, about a breach involving close to 9.7 million individuals in Canada and internationally.

It found that Desjardins had been aware of the security weaknesses that led to the breach, but failed to address them in time. The breach occurred “over more than a two-year period before Desjardins became aware of it, and then only after the organization had been notified by the police,” the report said.

&copy 2024 The Canadian Press

Leave a Reply

Your email address will not be published. Required fields are marked *