The Bank Of Montreal was contacted by a group of cyber-criminals on Monday, saying that they had the financial and personal information of a number of the bank’s customers. The bank is certain that the hacking must have been done from outside the country, and are confident that the vulnerability in the system that led to such information falling in the wrong hands has been mitigated.

The Bank of Montreal is said to have been working with authorities to find the cause of the issue. Bank of Montreal is also Canada’s fourth biggest money lender. They have still not disclosed how many customers have been affected by this attack or if the customers have lost money.

They gave a statement saying, “Customers are recommended to monitor their accounts and notify BMO with any suspicious activity.”

The notes held information such as abuser names, graphic descriptions of elder abuse, child abuse and suicidal distress, raising serious, large-scale privacy concerns. The bucket, which was located in the subdomain ‘LA County’, was found to be misfigured and anonymously accessible.

UpGuard later assured the public that the bucket was no longer accessible by everyone after they had informed LA County about it. But this incident throws light on all the big companies that store data online and that can they store such high risk information in unsafe places.