- Hackers leaked customer data from Toys “R” Us Canada, exposing names, emails, and phone numbers
- Company hired cybersecurity experts, strengthened defenses, and notified affected customers and authorities
- No passwords stolen, but phishing and identity theft risks remain high
Cybercriminals stole and leaked Toys “R” Us Canada’s customer information recently, putting numerous people at risk of phishing, identity theft, and other forms of fraud.
The company has begun notifying affected customers of the incident, and in a letter quickly shared on social media, the company said it had become aware of the breach after hackers posted about it on the dark web.
In response, Toys “R” Us hired a third-party cybersecurity company for forensic analysis and assessment, and determined that a “subset of customer records” was stolen.
Strengthening the security
The letter does not discuss how many people were affected, but it did say that the attackers made away with people’s names, postal addresses, email addresses, and phone numbers.
“We’d like to stress that no passwords, credit card details, or similar confidential data were involved in this incident,” the letter reads.
Further, the company said that it already had “strong protections” in place across its IT systems, but still strengthened it with a “number of enhanced security measures” to prevent future incursions.
There was no word on who the attackers were, or how they managed to break in. It was just said that so far there is no evidence the data was misused.
Valid names, emails, and phone numbers are valuable to cybercriminals who can use them for phishing, identity theft, and other scams, so it’s safe to say it’s only a matter of time before customers start getting emails spoofing Toys “R” Us or similar businesses.
The company said it is currently in the process of notifying relevant authorities, and urged customers to stay vigilant and not respond to unsolicited requests for information, never click on links or attachments from suspicious emails, and generally be wary of phishing and spoofing attempts.
So far, no threat actors claimed responsibility for this attack.
Via BleepingComputer
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
The best antivirus for all budgets
https://cdn.mos.cms.futurecdn.net/ThNyuwnA55tfcixfqWcEcA-970-80.jpg
Source link
