Loblaw Companies Limited disclosed that hackers breached a contained portion of its IT network and accessed basic customer personal information, including names, phone numbers, and email addresses. The company says there is no evidence so far that financial, health, or account password data were compromised; it has logged out all customers as a precaution and recommends password changes, and PC Financial appears unaffected so far. #Loblaw #PCFinancial
Keypoints
- A breach of a contained, non-critical part of Loblawβs IT network exposed customer names, phone numbers, and email addresses.
- The exposed PII could be leveraged for phishing and fraudulent activities, so customers should remain vigilant.
- Loblaw automatically logged out all customers and advises account holders to change their passwords as a precaution.
- Investigators report no evidence that credit card details, health information, or account passwords were accessed; PC Financial is reportedly unaffected.
- No threat actor has publicly claimed responsibility and no Loblaw data was found advertised on underground forums at the time of reporting.