Skip to content
Cyber Breaches
Search
Data breachResolved

Canadian Tire data breach (2025)

In October 2025, retailer Canadian Tire was the victim of a data breach that exposed almost 42M records. The data contained 38M unique email addresses along with names, phone numbers and physical addresses.

Victim
Canadian Tire
records
38.3M
SectorFinance
CountryCanada

Imported from Have I Been Pwned — pending editorial review and translation to French. The summary below is machine-extracted; consult the source for details.

In 2025-10-02, Canadian Tire was affected by a data breach. Approximately 38,306,562 accounts were exposed. In October 2025, retailer Canadian Tire was the victim of a data breach that exposed almost 42M records. The data contained 38M unique email addresses along with names, phone numbers and physical addresses.

Sources

  1. haveibeenpwned.comhttps://haveibeenpwned.com/PwnedWebsites#CanadianTire
  2. canadiantire.cahttps://canadiantire.ca

Related incidents

Data breachResolved

Bell (2014 breach) data breach (2014)

In February 2014, Bell Canada suffered a data breach via the hacker collective known as NullCrew. The breach included data from multiple locations within Bell and exposed email addresses, usernames, user preferences and a number of unencrypted passwords and credit card data from 40,000 records…

Victim
Bell (2014 breach)
Records
20.9K
Data breachUnknown

Leak at PayTrip

On 27 December 2025, French money-transfer fintech PayTrip suffered a data breach exposing data on 74,877 customers, including names, contact details, IBANs and account balances, later circulated online by a threat actor.

Victim
PayTrip
Records
74.9K
Data breachResolved

Canada Goose data breach (2025)

In February 2026, a data breach allegedly containing data relating to Canada Goose customers was published publicly. The data contained 920k records with 582k unique email addresses and included names, phone numbers, IP addresses, physical addresses and partial credit card data, specifically card…

Victim
Canada Goose
Records
581.9K
Data breachContained

Data leak at UTwin

On 5 March 2025, French borrower-insurance broker UTwin notified clients that an intrusion into its IT system had temporarily exposed identity details, email addresses and phone numbers; the company said no banking, medical or contract data was affected.

Victim
UTwin