Canada
Over 20,000 crypto fraud victims identified in international crackdown
An international law enforcement action led by the U.K.’s National Crime Agency (NCA) has identified over 20,000 victims of cryptocurrency fraud across Canada, the United Kingdom, and the United States. Dubbed “Operation Atlantic,” this joint action took place last month, and it involved the NCA, the U.S. Secret Service, the Ontario Provincial Police, the Ontario […]
Microsoft: Canadian employees targeted in payroll pirate attacks
A financially motivated threat actor tracked as Storm-2755 is stealing Canadian employees’ salary payments after hijacking their accounts in payroll redirection (also known as payroll pirate) attacks. The attackers used malicious Microsoft 365 sign-in pages to steal victims’ authentication tokens and session cookies by redirecting them to domains (e.g., bluegraintours[.]com) hosting malicious web pages (pushed […]
Canadian retail giant Loblaw notifies customers of data breach
Loblaw Companies Limited (Loblaw), the largest food and pharmacy retailer in Canada, announced that hackers breached a portion of its IT network and accessed basic customer information. The retailer has a nationwide network of 2,500 stores (franchise supermarkets, pharmacies, banking kiosks, and apparel shops) and plans to expand with 70 new ones this year as part of […]
CIRO confirms data breach exposed info on 750,000 Canadian investors
The Canadian Investment Regulatory Organization (CIRO) confirmed that the data breach it suffered last year impacts about 750,000 Canadian investors. The organization disclosed the incident on August 18, but completed an extensive forensic investigation this year, on January 14. CIRO is Canada’s national self-regulatory body for investment dealers, mutual fund dealers, and trading activity. It […]
CISA warns of Chinese “BrickStorm” malware attacks on VMware servers
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned network defenders of Chinese hackers backdooring VMware vSphere servers with Brickstorm malware. In a joint malware analysis report with the National Security Agency (NSA) and Canada’s Cyber Security Centre, CISA says it analyzed eight Brickstorm malware samples. These samples were discovered on networks belonging to victim organizations, where […]
Freedom Mobile discloses data breach exposing customer data
Freedom Mobile, the fourth-largest wireless carrier in Canada, has disclosed a data breach after attackers hacked into its customer account management platform and stole the personal information of an undisclosed number of customers. Founded in 2008 as Wind Mobile by telecommunications provider Globalive, Freedom has over 2,2 million subscribers and now says it provides coverage to […]
Canada says hacktivists breached water and energy facilities
The Canadian Centre for Cyber Security warned today that hacktivists have breached critical infrastructure systems multiple times across the country, allowing them to modify industrial controls that could have led to dangerous conditions. The authorities issued the warning to raise awareness of the elevated malicious activity targeting internet-exposed Industrial Control Systems (ICS) and the need […]
Toys “R” Us Canada warns customers’ info leaked in data breach
Toys “R” Us Canada has sent notices of a data breach to customers informing them of a security incident where threat actors leaked customer records they had previously stolen from its systems. The company discovered the data leak on July 30, 2025, when a threat actor posted on the dark web what they claimed to […]
WestJet data breach exposes travel details of 1.2 million customers
Canadian airline WestJet is informing customers that the cyberattack disclosed in June compromised the personal information of 1.2 million customers, including passports and ID documents. WestJet is a major airline in North America, operating a fleet of 153 aircraft and serving 104 destinations, which carry over 25 million travelers annually. On June 13, the company disclosed a […]
WestJet confirms recent breach exposed customers’ passports
Canadian airline WestJet is informing customers that the cyberattack disclosed in June compromised their sensitive information, including passports and ID documents. WestJet is a major airline in North America that operates a fleet of 153 aircrafts and services 104 destinations, carrying over 25 million travelers annually. On June 13, the company disclosed a cybersecurity incident that disrupted certain internal […]