Credit Suisse says rogue employee took personnel, salary data

Credit Suisse Group AG warned part of its workforce that a former employee copied and took some of their personal data years ago, including details of their compensation.

The employee, who had legitimate access to the data at the time, transferred the information to a personal device in violation of Credit Suisse policies and subsequently left the company, the Swiss bank said in emails and letters to employees, a copy of which was accessed by Bloomberg. was obtained.

The breach was initially discovered in March 2021, and following an internal investigation and efforts to recover the information, the bank notified employees this week, according to a person with direct knowledge of the matter. The person said that part of the delay resulted from the bank’s effort to identify the person who took the information, a process that involves going to court.

The revelation of the data theft comes as Credit Suisse tries to restore employee morale and customer confidence after a series of losses and inspection lapses. In another case involving a rogue banker, the firm is still struggling to resolve a series of lawsuits involving more than a million dollars from a billionaire client. Meanwhile, a data leak involving thousands of former Credit Suisse customers has attracted the scrutiny of Swiss prosecutors.

Switzerland’s banking regulator FINMA is aware of the incident and is in contact with the bank, a spokeswoman said, declining to comment further. The Swiss attorney-general’s office was not immediately available to comment.

Some of the data taken included salary and variable compensation information between 2013 and 2015, as well as bank account information used for salary payments, the person said, speaking on condition of anonymity when discussing the confidential matter. Is. The data taken varies by employee, the person noted.

The person said the company found no evidence that the data was shared or used maliciously.

“After conducting a thorough investigation, we have taken and are taking steps, including legal measures, to adequately prevent the incident,” Zurich-based Credit Suisse said in a statement on Monday. “To date, there is no evidence of onward transmission or intent to use the data in any way.”

Credit Suisse last week posted its worst annual performance since the financial crisis and warned of another loss this year. It has made significant cuts to its bonus pool, risking further erosion of employee morale as it embarks on a restructuring plan that involves cutting thousands of jobs.

eFinancialCareers reported earlier on Monday that employees had been informed of the breach.

(Except for the headline, this story has not been edited by NDTV staff and is published from a syndicated feed.)