Canada’s Toys 'R' Us Notifies Customers of July Data Breach
Toys "R" Us Canada notified individuals Thursday of a data breach that may have compromised the personal information of an undisclosed number of customers.
Sign up for a free preview to unlock the rest of this article
Privacy Daily provides accurate coverage of newsworthy developments in data protection legislation, regulation, litigation, and enforcement for privacy professionals responsible for ensuring effective organizational data privacy compliance.
In an email to those impacted, the toy store said it discovered on July 30 that “a third party was claiming to have stolen information from our database.” Third-party cybersecurity experts were “immediately” hired to contain the incident as well as investigate.
The investigation revealed the bad actor “copied certain records” from the Toys “R” Us customer database containing personal information, the notice added. The exposed information included names, addresses, emails and phone numbers; no passwords or credit card details were impacted.
On the advice of third-party cybersecurity experts, the retailer said it's supplementing “already ... strong [IT systems] protections" with "enhanced security measures to prevent a similar incident occurring."