LCL A.I CyberSecurity Scoring
LCL
Company Information
Website:http://www.loblaw.ca/
Employees number:23,641
Number of followers:275,136
NAICS:43
Industry Type:Retail
Homepage:loblaw.ca
LCL Risk Score (AI oriented)
Between 550 and 599
LCLRetail
Updated:
09/07/2026
09/07/2026
586/1000
Very Poor
Ca
LCL Global Score (TPRM)
xxxx
LCLRetail
Score locked

LCLVery Poor
Current Score
586Ca (VERY POOR)
01000
7 incidents
-51.67 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
587
JUNE 2026
583
MAY 2026
575
APRIL 2026
620
Breach
17 Apr 2026 • LCL
Loblaw and Telus Digital: Canada Life breach exposes data of up to 70,000 people – mostly customers
Canada Life Cyber Incident Exposes Personal Data of Up to 70,000 Individuals
574
CRITICAL-46
LOBTEL1776782580
Canada Life Cyber Incident Exposes Personal Data of Up to 70,000 Individuals
Canada Life has confirmed a cybersecurity incident involving unauthorized access to customer data through a compromised employee account. The breach, detected in recent weeks, exposed personal information including names, addresses, dates of birth, phone numbers, and account numbers for up to 70,000 individuals, primarily employees covered under a large corporate group benefits plan. Payment details and passwords were not compromised.
The attack was traced to the criminal group ShinyHunters, which gained access via a subcontractor’s account linked to Freedom Mobile’s platform. Canada Life has engaged third-party cybersecurity experts to investigate and has notified authorities. While the company stated the incident was contained and operations remain unaffected, affected individuals will be contacted directly and offered free credit monitoring.
The breach follows a pattern of recent cyber incidents in Canada, including a Loblaw breach exposing basic customer data (names, emails, and phone numbers) and a Telus Digital intrusion also attributed to ShinyHunters. Earlier in 2025, a phishing attack disclosed in August revealed a far larger compromise than initially reported, affecting 750,000 investors with sensitive financial data.
Canada Life emphasized its commitment to customer protection and is working to assess the full scope of the impact. The incident underscores the growing threat of cyberattacks targeting employee accounts and third-party vulnerabilities in corporate systems.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
MARCH 2026
689
Breach
13 Mar 2026 • LCL
Shoppers Drug Mart, President’s Choice, Loblaw, No Frills and PC Optimum: “Threat Actor” on the dark web claims Loblaw’s “low-level” data breach is a much larger threat
Alleged Massive Data Breach at Loblaw
618
CRITICAL-71
NO-SHOPRELOB1773534483
Loblaw Faces Alleged Massive Data Breach as Threat Actor Demands Response
A threat actor operating under the handle "igotafeeling" on the DarkWeb Informer forum has claimed to have breached Loblaw, Canada’s largest food and pharmacy retailer, which owns brands like President’s Choice, No Frills, Shoppers Drug Mart, Real Canadian Superstore, and the PC Optimum loyalty program.
The actor alleges possession of over 1.8 billion records, including:
- 75.1 million Salesforce customer records (names, emails, phone numbers, addresses, loyalty IDs, and health card numbers)
- 724.9 million Shoppers Drug Mart records (passwords, tokens, loyalty IDs, payment details, and full credit card numbers with expiry dates)
- 129.9 million pharmacy fill requests (prescription numbers and patient IDs)
- 120.4 million e-commerce fraud-feed records (payment card BINs, last-four digits, and expiry dates)
- 20.2 million Delivery Ops Portal records (orders, deliveries, and postal codes)
- 3,014 GitLab projects containing Loblaw’s full source code
- 19.3 million Oracle identity records (MFA device details and credentials)
- 55.3 million marketing and email records across 673 tables
The threat actor has given Loblaw until March 19 to respond, accusing the company of "ghosting" them and dismissing customer and investor concerns. They have also invited media organizations to verify the data’s authenticity.
In response, Loblaw issued a March 12 press release, labeling the incident a "low-level data breach" and stating that only "basic customer information" (names, phone numbers, and emails) may have been accessed. The company explicitly denied evidence of financial or credit card data compromise directly contradicting the threat actor’s claims.
While the breach remains unverified, the scale of the alleged exposure if confirmed would rank among the largest in Canadian history. The situation mirrors past high-profile breaches (e.g., T-Mobile, Equifax, Capital One), where initial corporate statements downplayed impact before later revelations proved otherwise.
Loblaw customers with PC Optimum accounts, Shoppers Drug Mart loyalty cards, or prescription histories may be affected if the claims hold true. The deadline for Loblaw’s response is six days away.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
MARCH 2026
780
Breach
10 Mar 2026 • LCL
Loblaw Companies Limited: Loblaw notifies customers of a low-level data breach
Loblaw Data Breach Impacting Customer Information
742
CRITICAL-38
LOB1773182157
Loblaw Investigates Data Breach Impacting Customer Information
On March 10, 2026, Loblaw Companies Limited, Canada’s largest food and pharmacy retailer, disclosed a data breach affecting some of its customers. The company detected suspicious activity on a non-critical segment of its IT network, leading to an investigation that confirmed unauthorized access by a third-party criminal.
The exposed data includes basic customer details such as names, phone numbers, and email addresses. Loblaw’s investigation indicates that passwords, health information, and credit card data were not compromised, and PC Financial services remained unaffected.
As part of its response, Loblaw secured its network and logged out all customers from their accounts, requiring them to re-authenticate to access digital services. The company continues its forensic investigation to assess the full scope and impact of the incident.
Loblaw, which employs over 220,000 people across Canada, has not provided further details on the number of affected customers or the method of the breach. The incident remains under review as the company evaluates potential risks and next steps.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
FEBRUARY 2026
780
JANUARY 2026
779
DECEMBER 2025
778
NOVEMBER 2025
778
OCTOBER 2025
777
SEPTEMBER 2025
776
AUGUST 2025
775
JUNE 2025
773
Ransomware
16 Jun 2025 • LCL
Broadcom
Cl0p Exploits Zero-Day Vulnerabilities in Oracle E-Business Suite Leading to Massive Data Breaches
711
CRITICAL-62
BRO3105131112625
Broadcom, a global technology leader valued at hundreds of billions, was among the high-profile victims of Cl0p’s ransomware attack exploiting a zero-day vulnerability in Oracle’s E-Business Suite (CVE-2025-61882 and CVE-2025-21884). The cybercriminal group exfiltrated sensitive corporate and customer data, threatening to leak or sell it unless a ransom was paid. The breach compromised critical systems, risking financial records, proprietary business data, and third-party customer information. Cl0p’s extortion tactics included warnings of public disclosure on their blog, torrent leaks, or sales to malicious actors, amplifying reputational and operational risks. Given Broadcom’s role in semiconductor and infrastructure technology, the attack posed supply chain cascading risks, potentially disrupting clients reliant on its products. Oracle issued emergency patches, but the damage—including data theft, potential regulatory fines, and erosion of stakeholder trust—had already occurred. The incident underscores vulnerabilities in enterprise software dependencies, with Broadcom facing long-term financial and strategic repercussions if the stolen data is weaponized.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
MAY 2024
798
Breach
03 May 2024 • LCL
Loblaw Companies Ltd.: Loblaw says some customers affected by data breach
Loblaw Data Breach
760
CRITICAL-38
LOB1773184670
Loblaw Data Breach and U.S. Consulate Shooting Highlight Security Incidents in Canada
Loblaw Companies Ltd., the parent company of Loblaws and Shoppers Drug Mart, disclosed a data breach affecting some customers after detecting suspicious activity on a non-critical part of its IT network. The breach exposed names, phone numbers, and email addresses, though passwords, health information, and credit card data remained secure. The company has since secured its systems, logged out all customers, and confirmed that PC Financial was unaffected. The number of impacted customers was not specified.
Separately, Toronto police are investigating a national security incident after multiple shots were fired at the U.S. Consulate in downtown Toronto early Tuesday morning. Authorities are examining potential links to recent shootings at local synagogues. Police released an image of a suspect vehicle, believed to be connected to two male suspects. Ontario Premier Doug Ford suggested the incident may be tied to broader security threats, though the RCMP has not confirmed his claims about terror sleeper cells in Canada.
The incidents coincide with severe weather warnings for southern Ontario, where heavy rainfall starting Tuesday night could lead to localized flooding. Investigations into both the cyber breach and the consulate shooting remain ongoing.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
MAY 2018
784
Breach
03 May 2018 • LCL
Loblaw Companies Limited, Shoppers Drug Mart and No Frills: Loblaw investigates data breach after identifying suspicious activity
Loblaw Investigates Data Breach Following Suspicious Activity
746
CRITICAL-38
LOBSHONO-1773196440
Loblaw Investigates Data Breach Following Suspicious Activity
Loblaw Companies Limited, one of Canada’s largest grocery and pharmacy retailers, is investigating a potential data breach after detecting suspicious activity within its systems. The company confirmed the incident but has not disclosed specific details about the nature of the breach, the number of affected customers, or whether personal or financial data was compromised.
The investigation comes as cybersecurity threats targeting retailers continue to rise, with attackers often seeking payment card information, customer records, or access to corporate networks. Loblaw operates major brands, including Shoppers Drug Mart, Real Canadian Superstore, and No Frills, serving millions of Canadians.
While the company has not provided a timeline for the incident, data breaches in the retail sector typically prompt heightened monitoring for fraudulent transactions and potential regulatory scrutiny. The outcome of Loblaw’s investigation may determine whether affected individuals will be notified or offered credit monitoring services.
The incident underscores the ongoing risks faced by large retailers, which remain prime targets for cybercriminals due to the vast amounts of sensitive data they handle. Further updates are expected as the investigation progresses.
INCIDENT DETAILS -
TYPE
DATA BREACH
REFERENCES
JULY 2017
829
Breach
01 Jul 2017 • LCL
Loblaw Companies Limited
Loblaws Security Breach Incident
778
LOW-51
LOB944271022
Loblaws suffered from the security breach incident that exposed the security of a ‘small number’ of accounts.
In addition to other websites from the Loblaws food company, comprised websites include Joefresh.com, Beautyboutique.ca, and Loblaws.ca.
They sent an email to those affected by the breach.
INCIDENT DETAILS -
TYPE
IMPACT
REFERENCES
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for LCL ??
What was LCL's A.I Rankiteo Cyber Score in June 2026 ??
What was LCL's A.I Rankiteo Cyber Score in May 2026 ??
What was LCL's A.I Rankiteo Cyber Score in April 2026 ??
What was LCL's A.I Rankiteo Cyber Score in March 2026 ??
What was LCL's A.I Rankiteo Cyber Score in February 2026 ??
What was LCL's A.I Rankiteo Cyber Score in January 2026 ??
What was LCL's A.I Rankiteo Cyber Score in December 2025 ??
What was LCL's A.I Rankiteo Cyber Score in November 2025 ??
What was LCL's A.I Rankiteo Cyber Score in October 2025 ??
What was LCL's A.I Rankiteo Cyber Score in September 2025 ??
What was LCL's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on LCL's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with LCL ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view LCL's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?