You've done an extraordinary job of putting all this in place. Congratulations.
I now want to talk about Canadians who are afraid that their data, which has been sent somewhere in the world, will be used to make transactions or for any other purpose. You can't be responsible for everyone. You have a responsibility to your members, and 90% of Quebecers are Desjardins members. However, you can't know whether data sent abroad comes from this particular breach.
In other words, if my stolen data is sent abroad, will you still cover me, even though the data could have been sent from another source?