Loblaw Data Breach and U.S. Consulate Shooting Highlight Security Incidents in Canada
Loblaw Companies Ltd., the parent company of Loblaws and Shoppers Drug Mart, disclosed a data breach affecting some customers after detecting suspicious activity on a non-critical part of its IT network. The breach exposed names, phone numbers, and email addresses, though passwords, health information, and credit card data remained secure. The company has since secured its systems, logged out all customers, and confirmed that PC Financial was unaffected. The number of impacted customers was not specified.
Separately, Toronto police are investigating a national security incident after multiple shots were fired at the U.S. Consulate in downtown Toronto early Tuesday morning. Authorities are examining potential links to recent shootings at local synagogues. Police released an image of a suspect vehicle, believed to be connected to two male suspects. Ontario Premier Doug Ford suggested the incident may be tied to broader security threats, though the RCMP has not confirmed his claims about terror sleeper cells in Canada.
The incidents coincide with severe weather warnings for southern Ontario, where heavy rainfall starting Tuesday night could lead to localized flooding. Investigations into both the cyber breach and the consulate shooting remain ongoing.
Source: https://toronto.citynews.ca/2026/03/10/loblaw-says-some-customers-affected-by-data-breach/
Loblaw Companies Limited cybersecurity rating report: https://www.rankiteo.com/company/loblaw-companies-limited
"id": "LOB1773184670",
"linkid": "loblaw-companies-limited",
"type": "Breach",
"date": "5/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Retail, Pharmacy',
'location': 'Canada',
'name': 'Loblaw Companies Ltd.',
'type': 'Corporation'}],
'customer_advisories': 'Customers logged out, advised to monitor accounts',
'data_breach': {'personally_identifiable_information': 'Names, phone numbers, '
'email addresses',
'sensitivity_of_data': 'Low to moderate (no passwords, health '
'info, or credit card data exposed)',
'type_of_data_compromised': 'Personal Identifiable '
'Information (PII)'},
'description': 'Loblaw Companies Ltd. disclosed a data breach affecting some '
'customers after detecting suspicious activity on a '
'non-critical part of its IT network. The breach exposed '
'names, phone numbers, and email addresses, though passwords, '
'health information, and credit card data remained secure.',
'impact': {'data_compromised': 'Names, phone numbers, email addresses',
'payment_information_risk': 'None (credit card data remained '
'secure)',
'systems_affected': 'Non-critical part of IT network'},
'investigation_status': 'Ongoing',
'references': [{'source': 'News Article'}],
'response': {'communication_strategy': 'Public disclosure',
'containment_measures': 'Secured systems, logged out all '
'customers',
'incident_response_plan_activated': 'Yes'},
'title': 'Loblaw Data Breach',
'type': 'Data Breach'}