ransomware🌐InternationalSecurity Affairs
ShinyHunters Leaks Canada Goose Customer Data; Firm Denies Breach
Monday, February 16, 2026
What
The ShinyHunters cybercrime group published over 600,000 alleged Canada Goose customer records, containing PII and partial payment details, on their data leak site. This incident is significant as it exposes sensitive customer information, despite Canada Goose denying a direct breach of their systems and suggesting the data may be from past transactions.
Where
Canada Goose, a Canadian luxury outerwear company.
When
Leaked on February 14, 2026, and reported on February 16, 2026.
Key Factors
- •The leaked dataset, totaling 1.67 GB, reportedly contains customer names, emails, addresses, purchase history, and partial credit card details (brand, last four digits, BINs).
- •Canada Goose maintains that their internal systems were not breached, suggesting the data could originate from older transactions or third-party sources, which requires further investigation.
Takeaways
- →Customers who have purchased from Canada Goose should monitor financial statements and be vigilant against phishing attempts using leaked PII.
- →Organizations must implement robust data security measures and conduct thorough investigations into claims of data leaks, even when denying direct system breaches.
Read Full Article
Opens original article on Security Affairs
