Overview
- The extortion group released a 1.67 GB JSON archive that journalists verified contains e‑commerce order data with names, emails, addresses, phone numbers, IPs, device details, and order histories.
- The files include partial payment details such as card brand, last four digits, and some BINs, which raise risks of phishing, social engineering, fraud, and customer profiling despite no full card numbers appearing present.
- Canada Goose is reviewing the dataset to confirm its accuracy and scope and to determine whether customer notifications are required.
- ShinyHunters claims the data came from a third‑party payment processor and dates to August 2025, a claim not independently verified and described as unrelated to the group’s recent SSO intrusions.
- A review by The Register indicates records span customers in North America and Europe.