好的,我现在需要帮用户总结一篇文章的内容,控制在100个字以内。首先,我得仔细阅读文章,理解主要信息。 文章讲的是Toys “R” Us Canada发生了数据泄露事件。他们在7月30日发现有黑客在暗网上泄露了客户资料。经过调查,确认这些信息是真实的,但没有涉及密码或信用卡信息。公司已经加强了系统安全,并通知了监管机构。同时提醒客户注意诈骗信息。 接下来,我需要将这些要点浓缩成一句话,不超过100字。要包含事件的时间、公司名称、泄露的信息类型、未泄露的信息、采取的措施以及提醒客户的内容。 可能的结构是:Toys“R”Us Canada在7月30日发现数据泄露,涉及客户姓名、地址等信息,但不包括密码和信用卡数据。公司已加强安全并通知监管机构,提醒客户警惕诈骗。 这样应该符合用户的要求。 </think> Toys“R”Us Canada于2025年7月30日发现数据泄露事件,涉及部分客户个人信息(如姓名、地址、邮箱和电话),但未泄露密码或信用卡信息。公司已加强系统安全并通知监管机构,提醒客户警惕诈骗信息。 2025-10-23 22:30:21 Author: www.bleepingcomputer.com(查看原文) 阅读量:8 收藏
Toys “R” Us Canada has sent notices of a data breach to customers informing them of a security incident where threat actors leaked customer records they had previously stolen from its systems.
The company discovered the data leak on July 30, 2025, when a threat actor posted on the dark web what they claimed to be Toys “R” Us customer data.
Subsequent investigation of the threat actor’s claims, conducted with the help of third-party experts, confirmed that the information was indeed authentic.
“On July 30, 2025, we became aware via a posting on the unindexed internet that a third-party was claiming to have stolen information from our database,” reads the letter sent to customers.
“We immediately hired third-party cybersecurity experts to assist with containment and to investigate the incident.”
“The investigation revealed that the unauthorized third party copied certain records form our customer database which contains personal information.”
The data types that were leaked vary per individual, and may contain one or more of the following:
- Full name
- Physical address
- Email address
- Phone number
Toys “R” Us underlines that account passwords, credit card information, or other “similar confidential data” were not exposed.
Toys “R” Us Canada, a subsidiary of Toys “R” Us, is a toy store chain operating 40 branches across the country, selling toys, video games, and clothing.
Following the discovery of the breach, the company has upgraded the security of its IT systems under the guidance of cybersecurity experts.
The firm also stated that it is in the process of notifying the applicable privacy regulatory authorities in Canada of the data breach.
Meanwhile, the notification recipients are advised to ignore unsolicited communications and remain alert for phishing messages that impersonate Toys “R” Us and request personal information.
BleepingComputer has contacted the company to ask more information about the threat actor who leaked the data, how many customers are exposed by this incident, and whether a ransom was demanded, but we have not received a response by publication.
如有侵权请联系:admin#unsafe.sh