Canada Computers & Electronics is actively investigating a data breach affecting numerous individuals, leading to customer dissatisfaction with the company’s response and communication. Eric Pimentel, an IT professional, expressed frustration after being informed of potential impact, prompting him to cancel his credit card, only to later learn he was not affected. Similarly, Toronto resident Brad Seward canceled his card upon receiving a notification from Canada Computers, only to discover he was unaffected.
The retailer, headquartered in Richmond Hill, Ontario, disclosed that approximately 1,284 customers were impacted by the breach, which compromised personal information, including credit card details. Following the discovery of unauthorized access to its retail website system on January 22, the company promptly contained the breach, informed authorities, initiated an investigation, and notified affected customers on January 25. The incident has been reported to federal privacy authorities and York Region police.
Affected individuals, including Pimentel and Seward, reported receiving conflicting notifications from the company regarding their status in the breach aftermath. Canada Computers acknowledged the confusion and attributed it to a miscommunication, clarifying that both impacted and unaffected customers received initial notices, with follow-up messages sent to confirm the lack of impact on some individuals.
The breach primarily affected customers who checked out as “guests” on the website and provided personal information between December 29 and January 22. Despite not checking out as a guest, Pimentel remains skeptical of the company’s explanation, emphasizing the need for transparency from a major retailer like Canada Computers, which operates numerous stores across provinces.
Seward, who also did not use the guest checkout option, expressed doubts about the company’s explanation, highlighting discrepancies in his experience. Cybersecurity experts, including Terry Cutler and John Bruggeman, noted that data breaches often go undetected for extended periods, with the global average breach life cycle reported to be around 241 days. Cutler emphasized the enduring value of stolen data to cybercriminals, necessitating ongoing vigilance by affected individuals.
In response to the breach, Canada Computers has offered affected customers guidance on safeguarding their personal and financial information, along with two years of credit monitoring and identity theft protection.