Contents:
Threat actors injected malware that steals customers` private data on Canada`s largest alcohol retailer online store. On January 10th, 2023, the Liquor Control Board of Ontario (LCBO), a Canadian government enterprise, announced that unknown hackers had breached their website.
Cyber researchers discovered that a credit card stealing script had been exfiltrating data from the website for five days. Customers who used the payment page on LCBO.com between January 5th and January 10th, 2023, could have fallen victim to this cyberattack.
Statement regarding LCBO’s cybersecurity incident and response. pic.twitter.com/OYcuOkxLj8
— LCBO (@LCBO) January 12, 2023
Research on the facts is still ongoing, as the retailer is trying to have a complete list of those affected by the data breach. LCBO also claims that mobile app users were not impacted.
LCBO Customers` Financial Data at Risk
LCBO discovered the attack on January 10 and took down the website and mobile app. At the moment, they offered no explanation for enforcing this measure. Two days later they announced that a credit card skimmer had been active on their website for five days.
This means threat actors might have obtained private data sets, like credit card information, Aeroplan numbers, LCBO.com account passwords, names and emails.
Cyber researchers expect the stolen data will either appear for sale on hacking or carding forums or be used for identity theft or financial fraud schemes.
What to Do if You`re a Victim of the Attack
As LCBO warned that
Unfortunately, customers who provided personal information on our check-out pages and proceeded to our payment page on LCBO.com between January 5, 2023, and January 10, 2023, may have had their information compromised.
They also urged the people who suspect they might have been a victim of this cyberattack to monitor their credit card statements and notify immediately their credit card providers if any suspicious transaction comes along.
After being reviewed and tested, the LCBO website and mobile app were restored and are now completely available to users.
If you liked this article, follow us on LinkedIn, Twitter, Facebook, Youtube, and Instagram for more cybersecurity news and topics.