- Loblaw confirms a cyberattack that exposed its clients’ contact information
- They stole names, phone numbers and emails, but not passwords or financial information.
- Stolen details could fuel phishing attacks despite being ‘basic’ data
Loblaw has suffered a cyberattack in which criminals stole customers’ basic contact information.
“Loblaw notified its clients today that it is investigating a data breach,” it said. “After identifying suspicious activity in a contained, non-critical portion of its IT network, the company determined that a criminal third party accessed basic customer information, such as names, phone numbers and email addresses.”
In response to the breach, the company said it “protected its network and its customers’ information,” without providing further details.
Article continues below.
Urging customers to be cautious
Loblaw said it had logged out all of its users who, to use the services again, will need to log in again. He emphasized that passwords, health information or credit card data were not touched.
This is probably why you didn’t reset people’s passwords, you just locked them out.
Loblaw is Canada’s largest food and pharmaceutical retailer, with approximately 2,500 stores, including supermarkets, pharmacies, banking kiosks and clothing stores, with plans to open 70 additional locations this year. The company employs 220,000 people and has annual revenues of $45 billion.
While Loblaw described the stolen data as “basic information,” this is more than enough for cybercriminals to launch convincing phishing attacks. By posing as Loblaw employees, criminals can trick victims into sharing sensitive data, login credentials, and more, escalating what appears to be a “basic” and almost harmless attack.
Therefore, customers are advised to be especially careful with incoming messages (email, SMS, social media) from people claiming to work for Loblaw. Phishing emails often contain a sense of urgency, such as an offer that is expiring or an account that is about to be suspended or terminated.
So far, no one has claimed responsibility for the attack and the data has yet to be found on the dark web.
Through beepcomputer
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds. Be sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp also.
