- Threat actor FutureSeeker posts new thread on BreachForums
- They claim to have stolen sensitive data from The North Pole Company
- The gift basket company has yet to respond to the complaints
The North Pole Company, a Canadian gift basket delivery service, reportedly suffered a data breach in which half a million customers lost sensitive personal information.
This claim was made on BreachForums, a popular underground community where cybercriminals come to share tools, resources and experiences, find partners and plan future attacks.
Cybersecurity researchers at Incogni reported that a threat actor using the pseudonym FutureSeeker posted a new thread on BreachForums on January 19, offering a North Pole database to his peers.
No response yet
“Today I uploaded the NorthPole database for you to download, thanks for reading and enjoy!” reads the thread.
Data compromised in the attack includes email addresses, phone numbers, emails, postal addresses and full names of exactly 520,599 people.
The North Pole Company has not yet made an official statement regarding the alleged violation. We have reached out and will update the article if we receive a response.
The North Pole Company is a Canadian gift basket delivery service specializing in Christmas gift baskets including gourmet food, wine and party favors, aiming to become the leading supplier in Canada and the United States.
FutureSeeker is a relatively unknown name in the cybercrime community. However, if these claims prove true, that could change. More than half a million active email addresses, along with their full names and phone numbers, are more than enough information for phishing and fraud, leaving users potentially in need of protection against identity theft.
As a security measure, if you have used The North Pole Company’s services in the past two years, be wary of incoming email messages and phone numbers, especially from people claiming to be representatives of the business.
