Canadian liquor distributor Liquor Control Board of Ontario (LCBO) has announced that a web skimmer injected into its online store was used to steal users’ personal data.
One of the largest liquor sellers in Canada, LCBO retails and distributes alcoholic beverages throughout the Ontario province, operating over 670 stores and employing more than 8,000 people.
Last week, the company abruptly took offline its online store and mobile application, only to later explain that it fell victim to a cyberattack in which a web skimmer was injected into LCBO.com.
“At this time, we can confirm that an unauthorized party embedded malicious code into our website that was designed to obtain customer information during the checkout process,” the retailer said.
According to LCBO, all individuals who provided their personal information on the online store’s check-out pages and made payments between January 5 and 10, 2023, are impacted.
The compromised personal information, the company says, includes names, addresses, email addresses, LCBO.com account passwords, Aeroplan numbers, and credit card information.
“This incident did not affect any orders placed through our mobile app or vintagesshoponline.com,” the company said.
The company did not share information on the number of impacted customers, but said that it disabled customer access to both the online store and mobile app as a precautionary measure, and that it also forced a password reset for all user accounts.
“LCBO.com and our mobile app have been restored and are fully operational. We have also reset all LCBO.com account passwords. Registered customers will be prompted to reset their password on login,” the company said.
Web skimmer attacks, also referred to as Magecart attacks, are typically the result of a misconfiguration or unpatched vulnerabilities that allow threat actors to inject information stealer malware into a website and harvest the information of unsuspecting users.
Magecart attacks have been around for years, with multiple groups operating under the umbrella and hundreds of online stores compromised to date. In 2019, a free service called URLscan.io was made available to help customers and retailers alike check for the presence of web skimmers.
Related: Hundreds of eCommerce Domains Infected With Google Tag Manager-Based Skimmers
Related: Target Open Sources Web Skimmer Detection Tool
Related: Web Skimmer Injected Into Hundreds of Magento-Powered Stores

More from Ionut Arghire
- Information of 2.5M People Stolen in Ransomware Attack at Massachusetts Health Insurer
- US, South Korea Detail North Korea’s Social Engineering Techniques
- High-Severity Vulnerabilities Patched in Splunk Enterprise
- Enzo Biochem Ransomware Attack Exposes Information of 2.5M Individuals
- Google Temporarily Offering $180,000 for Full Chain Chrome Exploit
- Toyota Discloses New Data Breach Involving Vehicle, Customer Information
- Adobe Inviting Researchers to Private Bug Bounty Program
- Critical Vulnerabilities Found in Faronics Education Software
Latest News
- Insider Q&A: Artificial Intelligence and Cybersecurity In Military Tech
- In Other News: Government Use of Spyware, New Industrial Security Tools, Japan Router Hack
- OpenAI Unveils Million-Dollar Cybersecurity Grant Program
- Galvanick Banks $10 Million for Industrial XDR Technology
- Information of 2.5M People Stolen in Ransomware Attack at Massachusetts Health Insurer
- US, South Korea Detail North Korea’s Social Engineering Techniques
- High-Severity Vulnerabilities Patched in Splunk Enterprise
- Idaho Hospitals Working to Resume Full Operations After Cyberattack
