Wealthsimple, a major Canadian online investment and financial services platform, disclosed in September 2025 that a third-party vendor had been compromised, resulting in the exposure of sensitive customer data. The breach exposed customer contact details, government-issued identity documents (passports, driver’s licenses), financial account details, and Social Insurance Numbers (SINs) for affected customers. Wealthsimple notified affected customers and the Office of the Privacy Commissioner of Canada (OPC). Given the sensitivity of identity and financial data exposed, affected customers faced significant identity theft risk.