The Office 365 user ID of an employee of OP Asset Management fell momentarily into the hands of a third party in a phishing attack on 14 November 2023. As a result of the data breach, a third party may have obtained information of a limited group of our customers.
The data breach did not put our customers’ funds at risk. We have or will personally inform the customers affected by the incident. No action is needed from them or from our other customers.
“OP is continuously and comprehensively monitoring cybersecurity. The case was detected quickly and reacted to immediately. We have reported the incident to the relevant authorities and filed a report of the offence, which the police are investigating. We apologise for this incident,” says Teemu Ylhäisi, Chief Information Security Officer of OP.