What type of cyberattack did Canada Computers experience?

Canada Computers experienced a cyberattack where attackers exploited a web-based vulnerability to install infostealing malware on the company's checkout pages. The skimming script captured sensitive customer information as it was entered into web forms.

When was the Canada Computers data breach discovered?

Security researchers and customers found evidence of the malicious script on the site as early as December 2025. However, Canada Computers only publicly acknowledged the breach in late January 2026 after receiving media inquiries.

What customer information was exposed in the Canada Computers breach?

The exposed data includes customers' first and last names, email addresses, and credit card numbers. The total number of affected individuals and the financial value of the stolen data have not been disclosed.

Has there been fraud reported from the Canada Computers breach?

While Canada Computers claimed it found no evidence of fraud, customers on platforms like Reddit reported experiencing fraudulent charges on their credit cards shortly after shopping at the retailer, contradicting the company's official statement.

How has Canada Computers responded to the security breach?

Canada Computers stated it has vetted its systems and added new security layers to mitigate the vulnerability. However, the company's response has faced criticism for delays in addressing the flaw, with reports that users attempted to warn the retailer about the vulnerability twice through support tickets that were closed without investigation.

Incident

Canada Computers Notifies Customers of Web-Based Data Theft Incident

published: Jan. 28, 2026

Learn More

Canada Computers reports a cyberattack in which attackers exploited a web-based vulnerability to plant infostealing malware on the company's checkout pages. The skimming script captured sensitive information as users type it into web forms.

Security researchers and customers found evidence of this script on the site as early as December 2025, though the company only acknowledged the breach in late January 2026 after media inquiries. The exposed data includes:

First and last names
Email addresses
Credit card numbers

The number of affected individuals and the financial value of the stolen data are not disclosed. Canada Computers stated it has since vetted its systems and added new security layers to mitigate the vulnerability.

However, customers on platforms like Reddit reported fraudulent charges on their credit cards shortly after shopping at the retailer, contradicting the company's claim that it found no evidence of fraud.

The company's response has faced criticism due to a perceived delay in addressing the flaw. Users reportedly tried to warn the retailer about the vulnerability twice through support tickets, but staff closed the tickets without investigating.

Canada Computers Notifies Customers of Web-Based Data Theft Incident

Read More
INC Ransomware gang claims breach of Dollar Tree, …
David's Bridal reports data breach
Qilin and Devman hacking groups claim ransomware Attack …
Coop supermarket chain hit by ransomware cyberattack
DragonForce ransomware gang claims breach of Belk department …