17 January 2023

Canada’s largest alcohol retailer online store infected with card skimmer


Canada’s largest alcohol retailer online store infected with card skimmer

A website belonging to the Liquor Control Board of Ontario (LCBO), the largest beverage alcohol retailer in Canada, has been found to be infected with a credit card stealing script that steals customers’ private data.

“LCBO has experienced a cybersecurity incident, affecting online sales through LCBO.com,” the retailer wrote in a statement. “At this time, we can confirm that an unauthorized party embedded malicious code into our website that was designed to obtain customer information during the checkout process.”

Customers who used the payment page on the company website between January 5, 2023, and January 10, 2023, may have been affected in the attack. Exposed data may have included names, email and mailing addresses, Aeroplan numbers, LCBO.com account passwords, and credit card information.

The incident did not impact orders placed via the company’s mobile app. The investigation into the incident is still ongoing.

Back to the list

Latest Posts

Russia-linked Nodaria APT adds new Graphiron infostealer to its toolkit

Russia-linked Nodaria APT adds new Graphiron infostealer to its toolkit

The new infostealer was observed in attacks targeting Ukrainian organizations.
8 February 2023
CISA releases tool to recover encrypted VMware ESXi servers

CISA releases tool to recover encrypted VMware ESXi servers

According to CISA’s list of bitcoin addresses, over 2,800 ESXi servers have been encrypted to date.
8 February 2023
Threat actors target Ukrainian government agencies with Remcos spyware

Threat actors target Ukrainian government agencies with Remcos spyware

The attack involves a phishing email ostensibly sent by Ukrtelecom, a major Ukrainian internet service provider.
8 February 2023