Further to our communication of March 13, 2025, Prime Trust Financial Corporation Limited wishes to provide an important update regarding the data breach incident that occurred on 21 January 2025, which may have impacted certain client records relating to our operations.

What Happened

On January 21, 2025 a member of staff unknowingly downloaded a virus to their workstation during the course of carrying out a work related task that required a program to facilitate file transfers.

Our internal monitoring systems detected anomalous activity, which was subsequently confirmed to be a ransomware incident. At the time of detection, our analysis did not indicate any compromise or exfiltration of personal data related to customers or shareholders.

Our cybersecurity experts have determined that personal data, including Names, Taxpayer Registration Numbers (TRN), Addresses, Phone Numbers, Date of Birth, Email Addresses were accessed and may have been stolen by unauthorized individuals.

Possible Consequences to the Data Subject

Because of the nature of the data involved, there is a risk that your personal information could be misused, including through unauthorized access, fraud, identity theft, or phishing attacks. We strongly encourage you to remain vigilant, monitor your personal accounts for any unusual activity, and take appropriate steps to safeguard your information.

Actions Taken

• Containment & Recovery: Immediate steps were taken to isolate affected systems and prevent further loss or unauthorized access. The vulnerability has since been addressed.
• Notification to Authorities: The incident has been reported to the Bank of Jamaica and the Office of the Information Commissioner, with whom we continue to cooperate fully.
• System Enhancements: We have implemented Security Patching, Policy Updates, Antivirus Updates, and Multi-Factor Authentication
• Cybersecurity Audit: An independent cybersecurity audit is currently underway and will confirm the effectiveness of our revised systems and procedures.
• Policy & Training Improvements: We have introduced stricter controls to prevent unauthorized software installations and are expanding our annual cybersecurity training for all staff.

What This Means for You

At this time, we have no evidence that any of the compromised data has been misused. Nonetheless, we encourage clients to monitor their financial accounts for any unusual activity and report concerns to our support team immediately.

Ongoing Support

If you believe your data may have been affected or if you have any questions regarding this incident, please contact our Data Protection Officer at: (876)968-7261 or dpqueries@ptf.online. You may also visit any of our branch locations for in-person support.

We sincerely apologize for this incident and reaffirm our commitment to safeguarding your personal information with the highest standards of care and accountability.

Thank you for your understanding.