- Loblaw confirms cyberattack exposing customer contact data
- Names, phone numbers and emails stolen, but no passwords or financial information
- Stolen details could fuel phishing attacks despite being “core” data
Loblaw suffered a cyberattack in which scammers stole its customers’ basic contact information.
“Loblaw today informed its customers that it is investigating a data breach,” it said. “After identifying suspicious activity on a contained, non-critical portion of its computer network, the company determined that a third-party criminal had accessed certain basic customer information, such as names, phone numbers and email addresses.”
In response to the breach, the company said it had “secured its network and customer information,” without elaborating.
Article continues below
Urging customers to exercise caution
Loblaw said it has disconnected all its users who, to use the services again, will need to reconnect. She stressed that passwords, health information or credit card data were not affected.
This is probably why it did not reset users’ passwords, but simply logged them out.
Loblaw is Canada’s largest food and drug retailer, with approximately 2,500 stores, including supermarkets, pharmacies, bank kiosks and clothing stores, and plans to open an additional 70 locations this year. The company employs 220,000 people and has annual sales of $45 billion.
Although Loblaw describes the stolen data as “basic information,” it is more than enough for cybercriminals to launch convincing phishing attacks. By posing as Loblaw employees, scammers can trick their victims into sharing sensitive data, login credentials, etc., escalating what appears to be a “basic” and almost harmless attack.
Therefore, customers are advised to be especially cautious with incoming messages (emails, text messages, social media) from people claiming to work for Loblaw. Phishing emails usually contain a sense of urgency, such as an expired offer or an account about to be suspended or terminated.
So far, no one has claimed responsibility for the attack and the data has not yet been found on the dark web.
Via BeepComputer
The best antivirus for every budget
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp Also.
