- Hackers Leaked Toys “R” Us Canada Customer Data, Revealing Names, Emails and Phone Numbers
- The company hired cybersecurity experts, strengthened its defenses and informed affected customers and authorities.
- No stolen passwords, but phishing and identity theft risks remain high
Cybercriminals recently stole and leaked Toys “R” Us Canada customer information, putting many people at risk of phishing, identity theft and other forms of fraud.
The company began notifying affected customers about the incident, and in a letter quickly shared on social media, the company said it became aware of the breach after hackers posted it on the dark web.
In response, Toys “R” Us hired a third-party cybersecurity firm for a forensic analysis and assessment, and determined that a “subset of customer records” had been stolen.
Strengthen security
The letter does not specify how many people were affected, but it says the attackers erased people’s names, mailing addresses, email addresses and phone numbers.
“We would like to emphasize that no passwords, credit card details or similar confidential data were involved in this incident,” the letter read.
Additionally, the company said it already has “robust protections” across all of its IT systems, but is nevertheless strengthening them with a “number of enhanced security measures” to prevent future incursions.
It is unclear who the attackers were or how they managed to gain entry. It was simply said that so far there was no evidence that the data had been misused.
Valid names, email addresses, and phone numbers are valuable to cybercriminals who can use them for phishing, identity theft, and other scams. So it’s safe to say that it’s only a matter of time before customers start receiving emails spoofing Toys “R” Us or similar companies.
The company said it was currently in the process of notifying the relevant authorities and urged its customers to remain vigilant and not respond to unsolicited requests for information, never click on suspicious email links or attachments, and generally be wary of phishing and identity theft attempts.
So far, no threat actor has claimed responsibility for this attack.
Via BeepComputer
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp Also.
The best antivirus for every budget
