- Hackers leaked buyer knowledge from Toys “R” Us Canada, exposing names, emails, and cellphone numbers
- Company employed cybersecurity specialists, strengthened defenses, and notified affected clients and authorities
- No passwords stolen, however phishing and identification theft dangers stay excessive
Cybercriminals stole and leaked Toys “R” Us Canada’s buyer info lately, placing quite a few individuals prone to phishing, identification theft, and different types of fraud.
The firm has begun notifying affected clients of the incident, and in a letter shortly shared on social media, the corporate mentioned it had develop into conscious of the breach after hackers posted about it on the darkish internet.
In response, Toys “R” Us employed a third-party cybersecurity firm for forensic evaluation and evaluation, and decided {that a} “subset of customer records” was stolen.
Strengthening the safety
The letter doesn’t talk about how many individuals have been affected, however it did say that the attackers made away with individuals’s names, postal addresses, electronic mail addresses, and cellphone numbers.
“We’d like to stress that no passwords, credit card details, or similar confidential data were involved in this incident,” the letter reads.
Further, the corporate mentioned that it already had “strong protections” in place throughout its IT methods, however nonetheless strengthened it with a “number of enhanced security measures” to stop future incursions.
There was no phrase on who the attackers have been, or how they managed to interrupt in. It was simply mentioned that to this point there isn’t a proof the info was misused.
Valid names, emails, and cellphone numbers are helpful to cybercriminals who can use them for phishing, identification theft, and different scams, so it’s secure to say it’s solely a matter of time earlier than clients begin getting emails spoofing Toys “R” Us or comparable companies.
The firm mentioned it’s presently within the technique of notifying related authorities, and urged clients to remain vigilant and never reply to unsolicited requests for info, by no means click on on hyperlinks or attachments from suspicious emails, and usually be cautious of phishing and spoofing makes an attempt.
So far, no menace actors claimed accountability for this assault.
Via BleepingComputer
