Loblaw Faces Alleged Massive Data Breach as Threat Actor Demands Response A threat actor operating under the handle "igotafeeling" on the DarkWeb Informer forum has claimed to have breached Loblaw, Canada’s largest food and pharmacy retailer, which owns brands like President’s Choice, No Frills, Shoppers Drug Mart, Real Canadian Superstore, and the PC Optimum loyalty program. The actor alleges possession of over 1.8 billion records, including: - 75.1 million Salesforce customer records (names, emails, phone numbers, addresses, loyalty IDs, and health card numbers) - 724.9 million Shoppers Drug Mart records (passwords, tokens, loyalty IDs, payment details, and full credit card numbers with expiry dates) - 129.9 million pharmacy fill requests (prescription numbers and patient IDs) - 120.4 million e-commerce fraud-feed records (payment card BINs, last-four digits, and expiry dates) - 20.2 million Delivery Ops Portal records (orders, deliveries, and postal codes) - 3,014 GitLab projects containing Loblaw’s full source code - 19.3 million Oracle identity records (MFA device details and credentials) - 55.3 million marketing and email records across 673 tables The threat actor has given Loblaw until March 19 to respond, accusing the company of "ghosting" them and dismissing customer and investor concerns. They have also invited media organizations to verify the data’s authenticity. In response, Loblaw issued a March 12 press release, labeling the incident a "low-level data breach" and stating that only "basic customer information" (names, phone numbers, and emails) may have been accessed. The company explicitly denied evidence of financial or credit card data compromise directly contradicting the threat actor’s claims. While the breach remains unverified, the scale of the alleged exposure if confirmed would rank among the largest in Canadian history. The situation mirrors past high-profile breaches (e.g., T-Mobile, Equifax, Capital One), where initial corporate statements downplayed impact before later revelations proved otherwise. Loblaw customers with PC Optimum accounts, Shoppers Drug Mart loyalty cards, or prescription histories may be affected if the claims hold true. The deadline for Loblaw’s response is six days away.

Loblaw Investigates Data Breach Following Suspicious Activity Loblaw Companies Limited, one of Canada’s largest grocery and pharmacy retailers, is investigating a potential data breach after detecting suspicious activity within its systems. The company confirmed the incident but has not disclosed specific details about the nature of the breach, the number of affected customers, or whether personal or financial data was compromised. The investigation comes as cybersecurity threats targeting retailers continue to rise, with attackers often seeking payment card information, customer records, or access to corporate networks. Loblaw operates major brands, including Shoppers Drug Mart, Real Canadian Superstore, and No Frills, serving millions of Canadians. While the company has not provided a timeline for the incident, data breaches in the retail sector typically prompt heightened monitoring for fraudulent transactions and potential regulatory scrutiny. The outcome of Loblaw’s investigation may determine whether affected individuals will be notified or offered credit monitoring services. The incident underscores the ongoing risks faced by large retailers, which remain prime targets for cybercriminals due to the vast amounts of sensitive data they handle. Further updates are expected as the investigation progresses.