Cyberattack hits T&T Supermarket
The website of Loblaw subsidiary T & T Supermarket Inc. was hit by a cyberattack that may have exposed the personal data of 58,000 people.
Website visitors may also have been tricked into downloading malicious software onto their computers, the Richmond, B.C.-based Asian grocery chain said in a news release Friday.
The personal data that may have been stolen includes usernames, passwords, names and contact details.
It does not include credit card information, birthdates or social insurance numbers, as those are not collected through the website. T & T reported that the "unauthorized and illegal intrusions" to the website took place on:
- June 6, 7, and 11, when customers ordering products online to pick up in a store or people applying for a job may have been redirected to a malicious site.
- June 14 to 17, when the company's suppliers were similarly targeted.
The company said it has shut down its website and security experts are conducting a full investigation.
In the meantime, it will notify the people affected, and has already contacted all relevant privacy commissioners. It recommends that people who believe they are affected change their passwords and scan their computers for malware.
The company added that it will be enhancing security on its network.
T & T has 20 stores in British Columbia, Alberta and Ontario. Loblaw Companies Ltd. bought the chain for $225 million in 2009.
Cyberattacks have hit a number of other Canadian targets in the past two months, including the Conservative Party of Canada website, and video game makers BioWare, based in Edmonton, and Eidos Montreal.
Affected individuals can contact T&T at firstname.lastname@example.org or 1-855-296-2342.