The personal data of Giant Tiger store customers was compromised during a “security incident” believed to be linked to one of its suppliers, according to the retailer.
“Following an incident that took place at a Giant Tiger technology service provider, […] a security incident affecting personal information occurred recently,” the store chain indicated on its website Monday morning, without revealing the name of the service provider in question.
The low-cost retailer was informed of the breach on March 4 and claims to have immediately launched an investigation which made it possible to confirm around ten days later that the personal information of its customers had indeed been affected. The event was also reported to the Information and Privacy Commissioners.
The information affected includes customer names, addresses, telephone numbers and email addresses. “However, no payment information or passwords were affected,” channel spokesperson Alison Scarlett said in an email.
“The incident did not affect any Giant Tiger systems or applications, and there is no indication that personal information was misused,” she added.
Over the next few days, Giant Tiger will send an email to people who were affected by the information leak.
In the meantime, customers should “be vigilant” when receiving emails, mail, text messages or calls “that appear to come from Giant Tiger,” as fraudsters may use schemes to make it appear that their attempt phishing message comes from a legitimate sender.
“Be particularly careful when asked to provide your personal information, payment information or password. Under no circumstances will Giant Tiger ask you to provide your payment information or a password,” it is specified.