Data breach reported by Canada Goose

Key facts: Canada Goose data breach

• Date reported: February 15, 2026.
• Unauthorized access identified: August 2025 (estimated date of third-party breach).
• Target entity: Canada Goose (canadagoose.com).
• Source of breach: ShinyHunters (via a third-party payment processor).
• Data types: Personal information, e-commerce order details, and partial payment card information.
• Status: Confirmed; ShinyHunters claims to have acquired over 600,000 customer records.
• Severity: High; the exposed data includes detailed transaction history and partial financial information.

Protect against attacks like ShinyHunters. See how UpGuard helps.

What happened in the Canada Goose data breach?

Canada Goose (canadagoose.com) was the subject of a data breach incident reported on February 15, 2026, involving the threat actor group known as ShinyHunters. The extortion group claims to have acquired over 600,000 customer records containing personal and payment-related data. While the vendor stated that their own systems show no evidence of a breach, the dataset appears to consist of past transaction records believed to have originated from a third-party payment processor breach occurring in August 2025.

The released dataset, provided in JSON format, contains detailed e-commerce order records and partial payment card information. This high-severity incident underscores the risks associated with third-party data handling and supply chain vulnerabilities. The exposure of such detailed transaction history and partial financial data typically increases the risk of targeted phishing and fraudulent activities against the affected customer base.

Who is behind the incident?

ShinyHunters is a prolific data extortion group known for targeting high-profile organizations to steal and leak large-scale databases. The group has been active for several years, frequently operating on underground forums where they sell or publicly release stolen information to pressure victims. Their methods often involve exploiting misconfigured cloud storage, vulnerabilities in third-party services, or credential stuffing. ShinyHunters has a history of successful campaigns across various sectors, demonstrating a consistent focus on acquiring sensitive consumer data, including personal identifiers and financial records, for monetization or reputational damage.

Impact and risks for Canada Goose customers

For customers, the exposure of 600,000 records including e-commerce details and partial payment information presents significant security risks. This data could potentially be used for identity theft, credential abuse, or highly targeted phishing attacks. Because the records include specific order histories, malicious actors might craft convincing scams that reference past purchases to gain the trust of victims and extract further sensitive information.

Incidents of this nature often lead to increased fraudulent activity and long-term privacy concerns for consumers. Affected individuals should monitor their financial statements closely, update account credentials, and remain skeptical of unsolicited communications. Maintaining transparency regarding third-party security helps mitigate these ongoing risks and allows users to take proactive defensive measures.

How to protect against similar security incidents

Get instant alerts when your data appears on the dark web

Frequently asked questions

What happened in the Canada Goose security breach?

ShinyHunters claimed responsibility for a security attack on Canada Goose (canadagoose.com) in February 2026. The incident was first reported on February 15, 2026.

When did the Canada Goose breach occur?

The Canada Goose breach was publicly reported on February 15, 2026. ShinyHunters referenced the incident around that time, but the attack may have occurred earlier, with reports suggesting a third-party breach dating back to August 2025.

What data was exposed?

The types of data involved in the Canada Goose incident include over 600,000 customer records containing personal information, e-commerce order details, and partial payment card information. ShinyHunters has released this data in a JSON format.

Is my personal information at risk?

If you interacted with Canada Goose, there's a possibility your personal information could be affected. Similar incidents often involve email addresses, login details, or financial records. Stay alert for updates and take precautionary measures to secure your accounts.

How can I protect myself after this data breach?

• Change your account passwords immediately
• Enable multi-factor authentication (MFA) on all sensitive accounts
• Monitor your financial accounts for unauthorized activity
• Be cautious of phishing emails or texts referencing your past orders
• Use data breach monitoring tools to track your information on the dark web

What steps should companies take after being impacted by this breach?

Canada Goose is investigating the claims and has stated the data appears to relate to past transactions. Companies in this position typically secure their systems, notify affected parties, provide guidance on protective actions, and review third-party security measures to prevent future incidents.