Photographer: Stefan Wermuth / Bloomberg
Photographer: Stefan Wermuth / Bloomberg
Last month, a fake email claiming to come from Thomas Gottstein, Chief Executive Officer of Credit Suisse Group AG, which contained personal information about former employees, was sent to law enforcement, regulators and the press in multiple countries.
Two weeks later, the Zurich-based lender filed a lawsuit in the US to expose the source of the message – which it suspects was an inside job.
Using a fake Gmail account by the name of Gottstein, the March 20 message added its own files in an “apparent attempt to harm Credit Suisse as much as possible,” according to the complaint filed in federal court. from San Francisco.
The addresses, phone numbers, dates of birth, social security numbers, bank account information, gender and marital status of ex-Credit Suisse employees were disclosed, the court’s indictment said.
The incident comes while Credit Suisse is the aftermath of the Archegos Capital Management explosion, where the one $ 4.7 billion hit, the largest so far among investment banks lending trader Bill Hwang. Gottstein, who took over in February last year after an espionage scandal toppled its predecessor, has said there will be “serious lessons to be learned” from the scandal.
The mysterious authors of the March 20 email said they have hundreds of thousands of additional, comparable data on Credit Suisse employees and “other stakeholders,” and threatened to make it public, the lawsuit said.
The email accomplished what it claimed to reveal: an alleged data breach at Credit Suisse. It asked recipients to “take action against the bank,” unless Credit Suisse “takes swift and immediate action,” the complaint said on Thursday.
The bank denies that it has not protected personal data. Credit Suisse said in the lawsuit that it follows “robust policies and procedures” to maintain its systems and databases and that the content of the email reveals that at some point the defendants were given access to detailed internal information, including its contractual information. relationships and current business relationships.
Credit Suisse said the culprits “may be one or more former employees, but there is not yet enough information to definitively link the email to a specific individual or group of individuals.”
The lawsuit was previously reported by Reuters.
The case is Credit Suisse Securities v. Does, 21-cv-02568, US District Court, Northern District of California (San Francisco)