Data breach impacts Toys “R” Us Canada customers

Toys "R" Us Canada has confirmed the legitimacy of customer data exposed by a threat actor in late July, BleepingComputer reports. Investigation into the data breach conducted alongside external cybersecurity experts revealed that Toys "R" Us Canada had records pilfered from its customer database, compromising individuals' full names, physical and email addresses, and phone numbers. However, attackers were not able to exfiltrate account credentials, credit card details, and other sensitive information, said Toys "R" Us Canada in breach notices sent to customers. Additional details regarding the number of impacted customers, the identity of the threat actor who leaked the information, or the involvement of any ransom demand were not provided by the firm, which only noted the implementation of more IT security defenses in the aftermath of the breach as it urged affected individuals to be vigilant of phishing emails spoofing Toys "R" Us.