TLDR:
- Giant Tiger Stores Ltd. experienced a data breach involving customer information linked to a third-party vendor.
- Contact information such as names, emails, phone numbers, and street addresses of customers may have been compromised.
Giant Tiger Stores Ltd., a discount retailer based in Ottawa, revealed that customer data was compromised in an incident related to a third-party vendor they use for customer communications. The company became aware of the breach on March 4th and confirmed customer information involvement by March 15th. The compromised data varied between customers, including names and email addresses for email subscribers, and additional information for loyalty members and online order customers.
Ritesh Kotak, a cybersecurity technology analyst and lawyer, highlighted the common occurrence of third-party breaches when companies share data for marketing purposes. Customers are urged to monitor their accounts and be cautious of phishing attempts following a breach. Giant Tiger stated that no payment information or passwords were compromised, and cybersecurity experts have been engaged to conduct an independent investigation.
The incident at Giant Tiger is part of a trend of cybersecurity breaches affecting Canadian organizations, with previous incidents impacting Indigo Books & Music, LCBO, and various government entities. The company expressed regret over the breach and reassured customers that store systems and applications were not affected. Giant Tiger remains committed to preventing such incidents in the future through best practices and cybersecurity measures.