Canada’s biggest alcohol retailer was hacked in an attempt to steal credit card numbers

Canadian’s Liquor Control Board of Ontario (LCBO), a government agency and country’s biggest beverage alcohol retailer, disclosed that unidentified attackers had hacked its website in order to insert malicious code to steal customers and credit cards information.

Wednesday’s announcement by LCBO stated that credit card stealing scripts were discovered on the website of third-party forensic investigators. The script was found to have been active for five days.

“At the moment, we are able to confirm that an unauthorized person embedded malicious code in our website that was intended to collect customer information during checkout,” LCBO .

Customers who entered personal information via our check-out pages, then proceeded onto our payment page at, between January 5, 2023 and January 10, 2023 may have their data compromised.

The malicious script was still active on the website of the retailer, but the attackers were able to steal financial and personal information that customers submitted during check-out.

These include customers’ names and email addresses as well as credit card numbers and passwords to accounts.

LCBO added that customers who used the mobile app or the online store to make orders were not affected.

Company is currently investigating and working to identify all affected customers.

LCBO cyber incident statement (


On January 10, LCBO that their website and mobile apps were unavailable without explaining the reason.

The Canadian retailer the following day that both the app and were down due to a cyber incident.

Two days following the discovery of the breach, LCBO a comprehensive statement describing the extent and impact of the attack on all customers who had used the website and mobile apps while the credit card skimmer were active.

The government-controlled company employs more than 8,000 people and operates 680 retail stores and five regional warehouse facilities.

The company is also a wholesaler for 450 grocery shops and offers wholesale support to 18,000 bars or restaurants.

Web skimming, also known as , is a technique where threat actors insert JavaScript-based scripts (credit card skimmers), payment card skimmers or web skimmers into compromised online shops to steal personal and payment information.

Later, the stolen information is sold to cybercriminals via hacking and carding forums. It can also be used for identity theft and financial fraud.