LCBO’s investigation into this matter, which is being conducted with the help of third-party experts, revealed that a web skimming script was active on the LCBO.com website between January 5th and 10th of this year. Similar to a credit card skimmer in the physical world, a web skimmer piggy-backs on a legitimate transaction mechanism, stealing any information entered during the checkout process. In this case, the stolen information includes the names, email and mailing addresses, Aeroplan numbers, LCBO.com account passwords, and credit card credentials of customers who carried out transactions on LCBO.com in the period during which the skimmer script was active.
LCBO’s investigation is still ongoing, with the retailer seeking to identify the exact customers affected by the incident in order to contact them directly. However, in the mean time, LCBO has advised all customers who went through the online checkout process during the time when the skimmer was active to monitor their credit card transaction history for suspicious activity, regardless of whether customers fully completed their LCBO.com orders. Any customers who fall into this category should report any suspicious activity to their credit card providers. We also advise that potentially affected customers enact credit freezes and request that their credit cards be re-issued with new credentials to prevent any abuse in the future.