Canadian Tire Corp. said it discovered a data breach earlier this month that exposed personal information from customers who made online purchases across several of its retail banners.
The company said the incident was limited to one ecommerce database and did not involve Canadian Tire Bank or Triangle Rewards loyalty program information. The breach did not affect in-store systems and transactions, and all digital platforms remain operational, the retailer said.
The breach, identified on Oct. 2, involved a database containing names, addresses, email addresses and years of birth for online account holders of Canadian Tire, SportChek, Mark’s/L’Équipeur and Party City. The company said the database also contained encrypted passwords and, in some cases, truncated credit card numbers that cannot be used for purchases or account access.
The company, which operates nearly 1,700 retail locations under banners including Canadian Tire, SportChek and Mark’s, is one of Canada’s largest retail groups. It joins a growing list of Canadian firms disclosing cyber incidents in recent months amid rising industrywide threats.
Canadian Tire Corp. currently ranks 108 in the Top 2000 Database. The database ranks North America’s top online retailers by their annual ecommerce sales and more.
About the Canadian Tire data breach
For fewer than 150,000 accounts, the data included full birth dates. Canadian Tire said it is notifying those customers directly and will offer credit monitoring services. The company also reported the incident to privacy regulators.
“We have resolved the vulnerability and are working with external experts to strengthen our systems further,” Canadian Tire said in a statement. “Data security and customer trust remain a top priority.”
The company did not specify how long the unauthorized access lasted or whether investigators have identified the party responsible. Canadian Tire said it acted quickly to contain the breach upon detecting it.
The retailer added that it has invested in “advanced protection, monitoring systems, and data-segmentation controls” designed to safeguard sensitive customer information.
Cybersecurity analysts say the incident reflects a growing pattern of attacks targeting retail databases that store customer credentials and transaction data. While the use of encryption and truncated credit card details can reduce the risk of fraud, exposure of personal data such as names and birth dates can still leave consumers vulnerable to phishing attempts and identity theft.
Sign up
Sign up for a complimentary subscription to Digital Commerce 360 B2B News. It covers technology and business trends in the growing B2B ecommerce industry. Contact Mark Brohan, senior vice president of B2B and Market Research, at mark@digitalcommerce360.com. Follow him on Twitter @markbrohan. Follow us on LinkedIn, X (formerly Twitter), Facebook and YouTube.
FavoriteThe post Canadian Tire reports data breach affecting ecommerce customers appeared first on Digital Commerce 360.
from Digital Commerce 360 https://ift.tt/xykVp0F
0 Comments