Cyber Incident Victim: Canadian Tire

In early February 2017, Canadian Tire detected unusual traffic patterns on its website, prompting an immediate suspension of customer sign-in capabilities to protect user accounts. The company initiated an investigation into the anomalous activity, which disrupted access to online accounts containing customer reward points and credit card information. Customers attempting to log in encountered a message stating the service was "temporarily unavailable" while the company addressed the issue. Global News reported the disruption on February 7 after being alerted by an unnamed Canadian Tire customer who discovered the login outage. Communications manager Stephanie Nadalin confirmed the proactive measure was taken as a precautionary response to the suspicious network traffic, though the company did not initially disclose whether customer data had been compromised or accounts breached during the incident.

The login suspension prevented customers from accessing their Canadian Tire accounts indefinitely while the investigation continued, though the company provided no specific timeline for restoration. No details were released regarding the technical nature of the unusual traffic, potential attack vectors, or number of affected accounts. Canadian Tire's public communications focused exclusively on the protective action taken rather than confirming any data exfiltration or system intrusion. The incident coincided with a separate breach disclosure by Loblaw Companies Limited involving stolen PC Plus rewards points, though no connection between the two events was established. Canadian Tire maintained its investigation priority was safeguarding customer information, but did not subsequently publish findings regarding the incident's root cause or final impact assessment through the available source materials.