- Hackers leaked Toys “R” Us Canada customer data, exposing names, emails and phone numbers
- The company hired cybersecurity experts, strengthened defenses and notified affected customers and authorities.
- Passwords are not stolen, but phishing and identity theft risks remain high
Recently, cybercriminals stole and leaked Toys “R” Us Canada customer information, putting numerous people at risk of phishing, identity theft and other forms of fraud.
The company began notifying affected customers about the incident, and in a letter quickly shared on social media, the company said it had learned of the breach after hackers posted about it on the dark web.
In response, Toys “R” Us hired a third-party cybersecurity firm to perform forensic analysis and evaluations and determined that a “subset of customer records” had been stolen.
Strengthening security
The letter does not mention how many people were affected, but it does say that the attackers stole people’s names, mailing addresses, email addresses and phone numbers.
“We would like to emphasize that no passwords, credit card details or similar sensitive data were involved in this incident,” the letter reads.
Additionally, the company said it already had “strong protections” in place across all of its IT systems, but still reinforced them with a “series of enhanced security measures” to prevent future incursions.
It is not known who the attackers were or how they managed to enter. It was only said that so far there is no evidence that the data has been misused.
Valid names, emails, and phone numbers are valuable to cybercriminals who can use them for phishing, identity theft, and other scams, so it’s safe to say it’s only a matter of time before customers start receiving emails impersonating Toys “R” Us or similar companies.
The company said it is currently in the process of notifying the relevant authorities and urged customers to remain vigilant and not respond to unsolicited requests for information, never click on suspicious email links or attachments, and generally be wary of phishing and spoofing attempts.
To date, no threat actor has claimed responsibility for this attack.
Through beepcomputer
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds. Be sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp also.
The best antivirus for all budgets
