We answer your questions

What is the nature of the incident?

The results of the research carried out confirm that a malicious third party was able to extract a copy of a database known as "backoffice", containing contractual management and contact information. We immediately took the necessary steps to put an end to the modus operandi used by this third party. We have filed a complaint with the Prosecutor of the Republic of Paris so that all external investigations can be carried out in the interest of our clients and prospects.

When was data compromise detected?

As part of our usual security policy, an atypical computer activity was detected on August 18, 2020 and we immediately investigated, identified the existence of a computer intrusion and terminated its modus operandi. We then set out to trace the actions of the malicious third party and were finally able to establish the nature and impact of the incident on the personal data of our customers and prospects, in order to be able to inform them in a transparent and complete manner, to refer the relevant authorities and initiate legal proceedings.

Is this incident over?

Following the alert, we immediately investigated to be able to contain the incident. This one stopped. We ensure the security of our customers' data through 24/7 continuous monitoring.

Why didn't you inform me immediately after the incident was detected?

As soon as this incident was detected, we first set out to neutralize it, to audit all the security devices in place to ensure that they were working properly. We then looked at what data had been compromised and who was involved. 
As soon as these investigations could be completed, we initiated the regulatory notification and information processes of the people concerned, especially through the message you received and the preparation of this question and answer section. 

What is the origin of this possible data compromise?

CORUM has filed a complaint and an investigation, closely involving our IT teams and the relevant authorities, is under way to identify the source of this security incident. At this stage, no attribution can be made.

What are the risks I incur if my personal data has been stolen?

Compromised data is contact information and contractual management information. As such, they cannot affect your secure use of our services, the performance of the contracts signed or their financial performance. No passwords are stored or readable in our information systems, as they are encrypted when they are created, under the exclusive control of our customers, in accordance with the highest standards of computer security.
Compromised data is likely to be used for phishing or scam campaigns, as it may allow a third party posing as Corum to our customers by emailing them to mention a contract number or information that suggests to the person being contacted that they are in contact with Corum. 
If you have any doubts about an attempted scam or fraud, we recommend that you inform the relevant security services.

Is this attack an exceptional event?

Our company is regularly subjected to cyber-attacks of all kinds and backgrounds and has organized itself accordingly with the support of trusted partners.

What should I do when my data is compromised?

We encourage you to be extra vigilant when receiving messages or solicitations from third parties and to verify their identity before providing any information that would allow for embezzlement or attaining payment details. In particular, we recommend that you do not respond to any request that does not comply with the security conditions we apply in all our communications with our customers, prospects or partners.

Individual and collective vigilance is the most effective response to phishing phenomena that affect all sectors of activity and benefit from the reputation or performance of companies such as ours.

We invite you to read the infographic published by the National Agency for Security of Information Systems to better understand this type of situation, which is multiplying in all sectors of activity.

How long is my personal data stored by CORUM AM?

The data necessary to manage or archive your contracts and their financial performance, are archived during the applicable legal prescription periods, which are required of any company established in France, in particular accounting and billing data, which must be archived for 10 years.

What measures are being taken to protect the company's computer system?

Defensive measures immediately neutralized the modus operandi used by the computer hackers. 

In addition, all of our employees' identifiers have been audited and modified as a preventative measure and numerous preventative security, detection and neutralization measures have been reviewed to prevent the reproduction of an attack according to the same procedures, drawing on the expertise of major PLAYERS in computer security.

IT security is a constant commitment given current issues. To meet these challenges, we continually audit and improve our security systems and business continuity plan, which is regularly tested to be strengthened and alert us to any suspicious activity.

In practical terms, what steps have been taken since the incident?

As soon as we were notified of suspicious activity on our computer network, we identified and isolated the incident. The security of our computer systems has been strengthened to guard against further intrusion. 

In accordance with regulatory requirements, we have notified the CNIL and filed a complaint with the Prosecutor of the Republic of Paris so that an investigation can be conducted by the relevant authorities. 

We then launched an information procedure with all concerned within the time frame provided by the regulatory texts. At the same time, we have moved closer to Orange Cyberdefense, the world's leading IT security company, to ensure maximum security of our infrastructure and data.

How did you realize there was an intrusion into your systems?

The teams in charge of the regular monitoring of the security status of the computer network showed us unusual activity, which allowed us to identify and contain this incident as soon as possible.

The results of the research conducted confirm that a malicious third party attempted to access a backoffice database, containing contractual management and contact information.

Why did I get an email?

You received an email because we noticed a security incident relating to computer network in France. The results of the research conducted indicate that to date, some of the personal data you have entrusted to us, when you made a request for information about our services, may have been compromised.

What data was stolen?

It all depends on the profile of the people involved according to the relationship established with Corum Asset Management.