July 5, 2022

The Queens County Citizen

Complete Canadian News World

Data theft at Desjardines | Fake computer failure to corner suspect

Data theft at Desjardines |  Fake computer failure to corner suspect

Court documents released on Monday revealed that Desjardins faked a computer failure to pinch the main culprit in a massive leak of confidential customer data in 2019.

Hugo Jonkas

Hugo Jonkas

The movement is related to an internal investigation into its former employee Sebastian Boulanger-Dorwall.

“On Friday, May 24, at 1:00 pm, the Desjardines decided to suspend access to a system used by many Desjardines employees, including Boulanger, which outlines the research methods used. Deszardins mimicked the failure of this system without provoking Boulanger’s suspicions. ”

An hour later, Movement used the opportunity to remotely access his computer and copy three “suspicious files” while he was working from home.

“From that moment on, access to Boulanger’s systems was suspended and his laptop was closely monitored,” Desjardins’ lawyers added.

These explanations can be found in the request made on May 26, 2019 to conduct a civil siege of the “Anton Pillar” type.

USB key

Thanks to this operation, “at 3 o’clock in the afternoon, Boulanger plugged a USB key into his work computer to transfer confidential files,” the movement’s researchers found.

Photo from court documents

According to court documents, the USB key was given to Sebastian Boulanger-Dorval Desjardins investigators in lieu of containing the stolen information. It is connected to a computer survey device here.

Deszardins contacted the suspect, stating that his laptop was “infected with a virus” and that the movement “should restore it without delay”.

A security guard advises him over the phone not to use the device while waiting for a team member to come in claiming he has a malware infection.

Nothing works. According to the incident, Sebastian Boulanger-Dorwall turned on his computer and destroyed the information.

An employee of the intelligence office tries to go to his house, but does not have the correct address. Desjardins calls his employee back to get his real contact details and advises him to return the “USB key he plugged into his computer at 3pm”.

The movement finally got on the equipment at 8pm, but according to documents, its crew realized that Sebastian Boulanger-Dorwall had deceived them by handing them another key.

Finally, Deszardins can set up a list of 40 files transferred to his device. This listing has been modified because it contains confidential information.

Cash, Hard Drive and “Confession”

The request, which was partially publicized on Monday, allowed the movement to seize the equipment from its employee on May 26, 2019. Security personnel found $ 30,100 in cash and more than twenty credit cards at his residence. Prepaid, including court documents Press Already reported.

Sebastian Boulanger-Dorwall admitted to selling confidential information for 15 months before being identified.

The researchers in particular got their hands on the external hard drive, which “contains all the information about the members and clients of the Desjardines he sold”, as the former employee told them.

The massive leak of confidential data revealed in June 2019 affected a total of 9.7 million customers.

No charges have been filed against Sebastian Boulanger-Dorwal or other suspects in the investigation.

READ  Google destroys a huge botnet