Giant Tiger, a prominent Ottawa-based discount retailer, has announced a breach of customer data.
This incident, linked to a third-party vendor responsible for managing the retailer’s customer communications and engagement, has put the personal information of an undisclosed number of customers at risk.
The Breach Unveiled
The security lapse was discovered on March 4, and Giant Tiger concluded by March 15 that customer information was indeed compromised.
Document
@import url('https://fonts.googleapis.com/css2?family=Poppins&display=swap');
@import url('https://fonts.googleapis.com/css2?family=Poppins&family=Roboto&display=swap');
*{
margin: 0; padding: 0;
text-decoration: none;
}
.container{
font-family: roboto, sans-serif;
width: 90%;
border: 1px solid lightgrey;
padding: 20px;
background: linear-gradient(2deg,#E0EAF1 100%,#BBD2E0 100%);
margin: 20px auto ;
border-radius: 40px 10px;
box-shadow: 5px 5px 5px #e2ebff;
}
.container:hover{
box-shadow: 10px 10px 5px #e2ebff;
}
.container .title{
color: #015689;
font-size: 22px;
font-weight: bolder;
}
.container .title{
text-shadow: 1px 1px 1px lightgrey;
}
.container .title:after {
width: 50px;
height: 2px;
content: ' ';
position: absolute;
background-color: #015689;
margin: 20px 0;
}
.container h2{
line-height: 40px;
margin: 5px 3px;
font-weight: bolder;
}
.container a{
color: #170d51;
}
.container p{
font-size: 18px;
line-height: 30px;
margin: 10px 0;
}
.container button{
padding: 15px;
background-color: #4469f5;
border-radius: 10px;
border: none;
background-color: #00456e ;
font-size: 16px;
font-weight: bold;
margin-top: 5px;
}
.container button:hover{
box-shadow: 1px 1px 15px #015689;
transition: all 0.2S linear;
}
.container button a{
color: white;
}
hr{
/ display: none; /
}
.listWrapper {
padding-left: 4rem;
/*list-style-type: none;*/
}
.listWrapper li {
/*padding-left: 2rem;
background-image: url(star.svg);*/
background-position: 0 0;
line-height: 2rem;
background-size: 1.6rem 1.6rem;
background-repeat: no-repeat;
}
Free Webinar : Mitigating Vulnerability & 0-day Threats
Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.
:
The problem of vulnerability fatigue today
Difference between CVSS-specific vulnerability vs risk-based vulnerability
Evaluating vulnerabilities based on the business impact/risk
Automation to reduce alert fatigue and enhance security posture significantly
AcuRisQ, that helps you to quantify risk accurately:
Book Your spot
Alison Scarlett, a spokesperson for Giant Tiger, emphasized the company’s commitment to resolving the issue swiftly and transparently.
However, the identity of the implicated vendor remains undisclosed.
In response to the breach, Giant Tiger has been proactive in notifying affected customers and advising them to be vigilant about suspicious emails and phone calls.
The compromised data varies among customers but predominantly includes names, email addresses, and, for some, phone numbers and street addresses.
This information pertains to Giant Tiger’s email subscribers, loyalty members, and those who have placed online orders for in-store pickup or home delivery.
According to a recent report by CBC News, Giant Tiger, the discount retailer, has confirmed that its customer data was compromised due to a third-party breach.
The Scope of the Breach
Scarlett refrained from providing a specific figure but indicated that the number of impacted customers correlates with each program’s enrollment.
This breach is part of a growing trend of cybersecurity incidents involving third-party vendors, a point highlighted by Ritesh Kotak, a cybersecurity technology analyst and lawyer based in Ontario.
Kotak warns that such breaches often occur when companies share data with third parties for marketing and advertising, leaving customers vulnerable if these partners lack robust cybersecurity and privacy protocols.
He advises those affected to monitor their accounts closely and be wary of phishing attempts designed to harvest further information or deceive them into making purchases.
In a recent tweet by NewsMarket Today, it was reported that Giant Tiger’s customer information was compromised in a data breach.
Giant Tiger customer information compromised in data breach https://t.co/OefvcLppt3 — NewmarketToday (@newmarkettoday) March 25, 2024 No Payment Information Compromised
It’s a small consolation that no payment information or passwords were included in the compromised data.
Giant Tiger has enlisted cybersecurity experts to investigate the breach independently.
The retailer assures that the incident did not affect its store systems and applications.
This incident adds Giant Tiger to the list of Canadian organizations hit by cybersecurity breaches in recent years, joining the ranks of Indigo Books & Music, the LCBO, the Nova Scotia government, the Toronto Public Library, and the City of Hamilton in Ontario.
Scarlett’s statement to The Canadian Press underscores Giant Tiger’s regret over the incident and its dedication to employing best practices to prevent future breaches.
As the digital landscape continues to evolve, so too does the complexity of protecting consumer data, highlighting the need for stringent cybersecurity measures across all sectors.
Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter .
The post Giant Tiger Data Breach: Customers Data Exposed Via Vendor appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform .
