Credit Suisse Group AG warned part of its workforce that a former employee copied and took some of their personal data years ago, including descriptions of their compensation.
(Bloomberg) — Credit Suisse Group AG warned part of its workforce that a former employee copied and took some of their personal data years ago, including descriptions of their compensation.
The staffer, who had legitimate access to data at the time, transferred the information onto a personal device in breach of Credit Suisse policies and later left the company, the Swiss bank told employees in emails and letters, a copy of which was obtained by Bloomberg.
The breach was initially detected in March 2021, and after an internal investigation and attempts to recover the information, the bank notified employees this week, according to a person with direct knowledge of the matter. Part of the delay stemmed from the bank’s effort to identify who took the information, a process that involved going to court, the person said.
Some of the data taken included information on salaries and variable compensation between 2013 and 2015, as well as bank account information used for salary payments, the person said, asking not to be named discussing the confidential matter. The data taken varies by employee, the person noted.
The company found no evidence data was shared or used maliciously, the person said.
“Having investigated it thoroughly, we have taken and are continuing to take steps – including legal remedies — to adequately contain the incident,” the Zurich-based company said in a statement emailed by a spokesperson on Monday. “To date, there is no evidence of any onward transmission or intent to use the data in any way.”
EFinancialCareers reported earlier Monday that employees had been told of the breach.
–With assistance from Sridhar Natarajan.
More stories like this are available on bloomberg.com
©2023 Bloomberg L.P.