Company Details
desjardins
43,222
365,039
52211
desjardins.com
0
DES_2216604
In-progress


Desjardins Company CyberSecurity Posture
desjardins.comDesjardins Group is the largest cooperative financial group in North America and the fifth largest cooperative financial group in the world, with assets of $435.8 billion as at March 31, 2024. It was named one of Canada's Best Employers by Forbes magazine and by Mediacorp. To meet the diverse needs of its members and clients, Desjardins offers a full range of products and services to individuals and businesses through its extensive distribution network, online platforms and subsidiaries across Canada. Ranked among the world's strongest banks according to The Banker magazine, Desjardins has some of the highest capital ratios and credit ratings in the industry and the first according to Bloomberg News.
Company Details
desjardins
43,222
365,039
52211
desjardins.com
0
DES_2216604
In-progress
Between 650 and 699

Desjardins Global Score (TPRM)XXXX

Description: Montana AG Investigates Lee Enterprises Ransomware Attack Impacting 40,000 A ransomware attack on Lee Enterprises, a Davenport, Iowa-based media company, has prompted an investigation by Montana Attorney General Austin Knudsen. The breach, attributed to the Qilin ransomware group, compromised the personal data of nearly 40,000 employees and subscribers earlier this year. Lee Enterprises owns multiple newspapers in Montana, including the *Helena Independent Record*, *Billings Gazette*, *Missoulian*, and *Montana Standard*, as well as dozens of other publications nationwide. While the company has not publicly detailed the extent of the exposed data, the incident marks a significant cybersecurity failure for the media organization. The Montana AG’s office confirmed the investigation on Friday, though official details had not yet been posted on its website at the time of reporting. This follows a broader trend of escalating ransomware attacks, with 2023 seeing record-high incidents and payments, according to a FinCEN report. The breach adds to a growing list of cyber incidents in 2024, including a second data exposure in seven months at Methodist Homes of Alabama and Northwest Florida and a security lapse at Virginia Urology, where purported patient data began leaking online. Meanwhile, federal authorities secured a conviction against a Nigerian national for wire fraud, aggravated identity theft, and unauthorized computer access, underscoring the global reach of cybercrime. Lee Enterprises has not yet issued a public statement on the investigation’s status or remediation efforts.
Description: Key Suspect in Desjardins Data Breach Arrested in Spain After 17-Month Manhunt Juan Pablo Serrano, a fugitive wanted in connection with the 2024 Desjardins data breach, was arrested in Spain on November 6, 2025, following a joint operation by Spanish authorities, Quebec provincial police, and Interpol. Serrano, 40, had been at large since June 2024 and was among Quebec’s most wanted individuals. Interpol issued a Red Notice for his arrest, enabling global law enforcement to track and detain him. He now faces extradition to Canada, where he will be charged with identity theft, fraud exceeding $5,000, and trafficking in identity information. Serrano is accused of purchasing stolen Desjardins customer data from Sébastien Boulanger-Dorval, a former Desjardins marketing employee, and using it to carry out fraud schemes. Boulanger-Dorval, 42, was arrested in 2024 and charged with fraud, identity theft, and the illegal sale of personal data allegedly to settle debts. He was identified as the primary suspect in the breach, having exploited his access to sensitive information while employed at the financial institution.


No incidents recorded for Desjardins in 2026.
No incidents recorded for Desjardins in 2026.
No incidents recorded for Desjardins in 2026.
Desjardins cyber incidents detection timeline including parent company and subsidiaries

Desjardins Group is the largest cooperative financial group in North America and the fifth largest cooperative financial group in the world, with assets of $435.8 billion as at March 31, 2024. It was named one of Canada's Best Employers by Forbes magazine and by Mediacorp. To meet the diverse needs of its members and clients, Desjardins offers a full range of products and services to individuals and businesses through its extensive distribution network, online platforms and subsidiaries across Canada. Ranked among the world's strongest banks according to The Banker magazine, Desjardins has some of the highest capital ratios and credit ratings in the industry and the first according to Bloomberg News.


Welcome to the Official LinkedIn page of MCB Bank Limited. Established in 1947, MCB Bank Limited is one of the largest Banks in Pakistan with a total customer base exceeding 7 million. We have products and services to suit the every need of customers. To learn more about MCB Bank, please visit our w

The Crédit Agricole group is the leading partner of the French economy and one of the largest banking groups in Europe. It is the leading retail bank in Europe as well as the first European asset manager, the first bancassurer in Europe and the third European player in project finance. Built on its

Rabobank is a cooperative bank with a mission. Our goal: to help customers realize their ambitions. We serve about 10 million customers in 47 countries. As an international financial institution, we work on the well-being and prosperity of millions of people. In the Netherlands, we serve individual
Industrial and Commercial Bank of China Ltd. (ICBC) (simplified Chinese: 中国工商银行; traditional Chinese: 中國工商銀行; pinyin: Zhōngguó Gōngshāng Yínháng, more commonly just 工行 Gōngháng) is China's largest bank and the largest bank in the world. It is one of China's "Big Four" state-owned commercial banks (t
FAB, the UAE’s largest bank and one of the world’s largest financial institutions offers a an extensive range of tailor-made solutions, and products and services, to provide a customised banking experience. Through its strategic offerings, it looks to meet the banking needs of customers across the w
Access Bank Plc is a full service commercial Bank operating through a network of over 600 branches and service outlets located in major centres across Nigeria, Sub Saharan Africa and the United Kingdom. Listed on the Nigerian Stock Exchange in 1998, the Bank serves its various markets through 5 busi

On 7 November 1959, UBL’s first branch at II Chundrigar Road in Karachi was inaugurated and with it launched a culture of service, innovation and financial excellence in Pakistan. A banking company incorporated in Pakistan and engaged in commercial banking and related services, UBL operates one of t

Yapı Kredi has been sustainably strengthening its market positioning in the sector since its establishment in 1944 through a customer-centric approach and focus on innovation. Yapı Kredi is the 3rd largest private bank in Turkey with total assets worth TL 411 billion as of the end of 2019. Constantl

We’re here to do Right By You. At UOB, we aspire to build a better future for the people and businesses in the region. Through our extensive network and suite of capabilities, we offer financial solutions to the people and businesses within, and connecting with ASEAN. We create solutions tail
.png)
A Canadian man wanted in connection with the Desjardins data breach that exposed the personal information of nearly 10 million people has...
Quebec provincial police say a suspect in a major data leak at Desjardins was arrested in Spain in November 2025.
Authorities say Juan Pablo Serrano was arrested by Spanish authorities following a joint operation involving police in Spain,...
When Dr. Benoit Desjardins attended DEF CON with his teenage son in 2017, he didn't expect a line of 500 people outside a small session on...
Cybersecurity expert Benoit Desjardins speaks during the HIMSS AI and Cybersecurity Virtual Forum on Nov. 18. Photo: Screenshot HIMSS AI and...
Kickoff speaker Benoit Desjardins looks at how AI is increasing cybersecurity risk.
Cyber risk and digital resilience will top the European securities regulators' compliance priorities in 2026, the European Securities and...
Information belonging to over a million Quebec residents from the 2019 Desjardins data breach has resurfaced on the dark web.
Cybersecurity in healthcare is no longer just about protecting data; it is about safeguarding patients, maintaining public trust and...

Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
The official website of Desjardins is http://www.desjardins.com/fr/bienvenue.jsp.
According to Rankiteo, Desjardins’s AI-generated cybersecurity score is 678, reflecting their Weak security posture.
According to Rankiteo, Desjardins currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
According to Rankiteo, Desjardins has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
According to Rankiteo, Desjardins is not certified under SOC 2 Type 1.
According to Rankiteo, Desjardins does not hold a SOC 2 Type 2 certification.
According to Rankiteo, Desjardins is not listed as GDPR compliant.
According to Rankiteo, Desjardins does not currently maintain PCI DSS compliance.
According to Rankiteo, Desjardins is not compliant with HIPAA regulations.
According to Rankiteo,Desjardins is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Desjardins operates primarily in the Banking industry.
Desjardins employs approximately 43,222 people worldwide.
Desjardins presently has no subsidiaries across any sectors.
Desjardins’s official LinkedIn profile has approximately 365,039 followers.
Desjardins is classified under the NAICS code 52211, which corresponds to Commercial Banking.
No, Desjardins does not have a profile on Crunchbase.
Yes, Desjardins maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/desjardins.
As of January 22, 2026, Rankiteo reports that Desjardins has experienced 2 cybersecurity incidents.
Desjardins has an estimated 7,153 peer or competitor companies worldwide.
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
Detection and Response: The company detects and responds to cybersecurity incidents through an third party assistance with interpol, spanish authorities, quebec provincial police, and law enforcement notified with yes..
Title: Desjardins Data Breach and Fraud Scheme
Description: Juan Pablo Serrano, wanted in connection with the Desjardins data breach, was arrested in Spain. He allegedly purchased Desjardins members and customers data lists through Sébastien Boulanger-Dorval and executed various fraud schemes. Boulanger-Dorval, a former Desjardins employee, was arrested and charged with fraud, identity theft, and illegal possession and sale of personal information.
Date Publicly Disclosed: 2024-06
Type: Data Breach
Attack Vector: Insider Threat
Threat Actor: Juan Pablo SerranoSébastien Boulanger-Dorval
Motivation: Financial GainDebt Repayment
Title: Lee Enterprises Ransomware Attack and Data Breach
Description: Lee Enterprises, a Davenport, Iowa-based media company, experienced a ransomware attack by the group Qilin, compromising the personal data of nearly 40,000 employees and subscribers. The Montana Attorney General’s Office is investigating the incident.
Type: Ransomware, Data Breach
Threat Actor: Qilin
Common Attack Types: The most common types of attacks the company has faced is Breach.
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Insider (Sébastien Boulanger-Dorval).

Data Compromised: Desjardins members and customers data lists
Brand Reputation Impact: High
Legal Liabilities: Yes
Identity Theft Risk: High

Data Compromised: Personal data of nearly 40,000 employees and subscribers
Identity Theft Risk: Aggravated identity theft risk (referenced in related case)
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personal Information and Personal data.

Entity Name: Desjardins
Entity Type: Financial Institution
Industry: Banking and Financial Services
Location: Canada
Customers Affected: Members and customers

Entity Name: Lee Enterprises
Entity Type: Media Company
Industry: Publishing, Digital News
Location: Davenport, Iowa, USA
Customers Affected: Nearly 40,000 employees and subscribers

Entity Name: Methodist Homes of Alabama and Northwest Florida
Entity Type: Healthcare Provider
Industry: Healthcare
Location: Alabama and Northwest Florida, USA

Third Party Assistance: Interpol, Spanish authorities, Quebec provincial police
Law Enforcement Notified: Yes
Third-Party Assistance: The company involves third-party assistance in incident response through Interpol, Spanish authorities, Quebec provincial police.

Type of Data Compromised: Personal Information
Sensitivity of Data: High
Data Exfiltration: Yes
Personally Identifiable Information: Yes

Type of Data Compromised: Personal data
Number of Records Exposed: Nearly 40,000
Sensitivity of Data: High (personally identifiable information)
Personally Identifiable Information: Yes

Ransomware Strain: Qilin

Legal Actions: Yes

Legal Actions: Montana Attorney General’s investigation
Ensuring Regulatory Compliance: The company ensures compliance with regulatory requirements through Yes, Montana Attorney General’s investigation.

Source: Quebec provincial police news release
Date Accessed: 2025-11-06

Source: DataBreaches.net

Source: Montana Attorney General’s Office
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Quebec provincial police news releaseDate Accessed: 2025-11-06, and Source: DataBreaches.netUrl: https://databreaches.net/feed/, and Source: Montana Attorney General’s Office.

Investigation Status: Ongoing (Extradition pending)

Investigation Status: Ongoing (Montana Attorney General’s investigation)

Entry Point: Insider (Sébastien Boulanger-Dorval)
High Value Targets: Desjardins members and customers data
Data Sold on Dark Web: Desjardins members and customers data

Root Causes: Insider threat, unauthorized data access and sale
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Interpol, Spanish authorities, Quebec provincial police.
Last Attacking Group: The attacking group in the last incident were an Juan Pablo SerranoSébastien Boulanger-Dorval and Qilin.
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2024-06.
Most Significant Data Compromised: The most significant data compromised in an incident were Desjardins members and customers data lists, Personal data of nearly 40 and000 employees and subscribers.
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was Interpol, Spanish authorities, Quebec provincial police.
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Desjardins members and customers data lists, Personal data of nearly 40 and000 employees and subscribers.
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 40.0K.
Most Significant Legal Action: The most significant legal action taken for a regulatory violation was Yes, Montana Attorney General’s investigation.
Most Recent Source: The most recent source of information about an incident are DataBreaches.net, Montana Attorney General’s Office and Quebec provincial police news release.
Most Recent URL for Additional Resources: The most recent URL for additional resources on cybersecurity best practices is https://databreaches.net/feed/ .
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing (Extradition pending).
Most Recent Entry Point: The most recent entry point used by an initial access broker was an Insider (Sébastien Boulanger-Dorval).
.png)
Backstage is an open framework for building developer portals, and @backstage/backend-defaults provides the default implementations and setup for a standard Backstage backend app. Prior to versions 0.12.2, 0.13.2, 0.14.1, and 0.15.0, the `FetchUrlReader` component, used by the catalog and other plugins to fetch content from URLs, followed HTTP redirects automatically. This allowed an attacker who controls a host listed in `backend.reading.allow` to redirect requests to internal or sensitive URLs that are not on the allowlist, bypassing the URL allowlist security control. This is a Server-Side Request Forgery (SSRF) vulnerability that could allow access to internal resources, but it does not allow attackers to include additional request headers. This vulnerability is fixed in `@backstage/backend-defaults` version 0.12.2, 0.13.2, 0.14.1, and 0.15.0. Users should upgrade to this version or later. Some workarounds are available. Restrict `backend.reading.allow` to only trusted hosts that you control and that do not issue redirects, ensure allowed hosts do not have open redirect vulnerabilities, and/or use network-level controls to block access from Backstage to sensitive internal endpoints.
Backstage is an open framework for building developer portals, and @backstage/cli-common provides config loading functionality used by the backend and command line interface of Backstage. Prior to version 0.1.17, the `resolveSafeChildPath` utility function in `@backstage/backend-plugin-api`, which is used to prevent path traversal attacks, failed to properly validate symlink chains and dangling symlinks. An attacker could bypass the path validation via symlink chains (creating `link1 → link2 → /outside` where intermediate symlinks eventually resolve outside the allowed directory) and dangling symlinks (creating symlinks pointing to non-existent paths outside the base directory, which would later be created during file operations). This function is used by Scaffolder actions and other backend components to ensure file operations stay within designated directories. This vulnerability is fixed in `@backstage/backend-plugin-api` version 0.1.17. Users should upgrade to this version or later. Some workarounds are available. Run Backstage in a containerized environment with limited filesystem access and/or restrict template creation to trusted users.
Backstage is an open framework for building developer portals. Multiple Scaffolder actions and archive extraction utilities were vulnerable to symlink-based path traversal attacks. An attacker with access to create and execute Scaffolder templates could exploit symlinks to read arbitrary files via the `debug:log` action by creating a symlink pointing to sensitive files (e.g., `/etc/passwd`, configuration files, secrets); delete arbitrary files via the `fs:delete` action by creating symlinks pointing outside the workspace, and write files outside the workspace via archive extraction (tar/zip) containing malicious symlinks. This affects any Backstage deployment where users can create or execute Scaffolder templates. This vulnerability is fixed in `@backstage/backend-defaults` versions 0.12.2, 0.13.2, 0.14.1, and 0.15.0; `@backstage/plugin-scaffolder-backend` versions 2.2.2, 3.0.2, and 3.1.1; and `@backstage/plugin-scaffolder-node` versions 0.11.2 and 0.12.3. Users should upgrade to these versions or later. Some workarounds are available. Follow the recommendation in the Backstage Threat Model to limit access to creating and updating templates, restrict who can create and execute Scaffolder templates using the permissions framework, audit existing templates for symlink usage, and/or run Backstage in a containerized environment with limited filesystem access.
FastAPI Api Key provides a backend-agnostic library that provides an API key system. Version 1.1.0 has a timing side-channel vulnerability in verify_key(). The method applied a random delay only on verification failures, allowing an attacker to statistically distinguish valid from invalid API keys by measuring response latencies. With enough repeated requests, an adversary could infer whether a key_id corresponds to a valid key, potentially accelerating brute-force or enumeration attacks. All users relying on verify_key() for API key authentication prior to the fix are affected. Users should upgrade to version 1.1.0 to receive a patch. The patch applies a uniform random delay (min_delay to max_delay) to all responses regardless of outcome, eliminating the timing correlation. Some workarounds are available. Add an application-level fixed delay or random jitter to all authentication responses (success and failure) before the fix is applied and/or use rate limiting to reduce the feasibility of statistical timing attacks.
The Flux Operator is a Kubernetes CRD controller that manages the lifecycle of CNCF Flux CD and the ControlPlane enterprise distribution. Starting in version 0.36.0 and prior to version 0.40.0, a privilege escalation vulnerability exists in the Flux Operator Web UI authentication code that allows an attacker to bypass Kubernetes RBAC impersonation and execute API requests with the operator's service account privileges. In order to be vulnerable, cluster admins must configure the Flux Operator with an OIDC provider that issues tokens lacking the expected claims (e.g., `email`, `groups`), or configure custom CEL expressions that can evaluate to empty values. After OIDC token claims are processed through CEL expressions, there is no validation that the resulting `username` and `groups` values are non-empty. When both values are empty, the Kubernetes client-go library does not add impersonation headers to API requests, causing them to be executed with the flux-operator service account's credentials instead of the authenticated user's limited permissions. This can result in privilege escalation, data exposure, and/or information disclosure. Version 0.40.0 patches the issue.

Get company history
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.