On October 2, 2025, Canadian Tire Corporation (CTC) identified unauthorized access to an e-commerce database containing customer information. The breach affected accounts across Canadian Tire, SportChek, Mark’s/L’Équipeur, and Party City, exposing names, addresses, emails, birth years, encrypted passwords, and in some cases, truncated credit card numbers. No banking or loyalty program data was compromised, and in-store systems remained unaffected.
CTC acted quickly to resolve the vulnerability and is working with cybersecurity experts to strengthen its systems. Fewer than 150,000 accounts included full birth dates, and those customers will be contacted directly and offered credit monitoring. The incident has been reported to privacy regulators, and all e-commerce platforms are now secure and operational.
This event underscores the importance of proactive cybersecurity measures. Data segmentation, encryption, and real-time monitoring are essential tools for protecting sensitive information. Businesses should also have clear protocols for regulatory compliance and customer communication in the event of a breach.
Canadian Tire’s response highlights the value of transparency and preparedness. As cyber threats continue to rise, Canadian companies must treat data protection as a strategic priority.
For more details, visit https://corp.canadiantire.ca/English/media/cyber-incident.
Original article courtesy of CanadianTire.ca
Enhance Your Business Security with Expert Cybersecurity Solutions. Click here to learn more and download shawcsIT’s free services overview catalogue.