Canadian e-commerce giant North Pole Company faces alleged data breach affecting over 500,000 customers

The North Pole Company, a leading Canadian gift basket delivery service, is under scrutiny following claims of a significant data breach. Allegations surfaced on January 19, 2025, when a user known as “FutureSeeker” posted on BreachForums, a notorious platform for cybercriminals, offering a database purportedly containing sensitive information of 520,599 individuals.

The compromised data reportedly includes customers’ full names, email addresses, phone numbers, and home addresses, making it a potential goldmine for cybercriminal activities such as phishing, identity theft, and fraud. The thread on BreachForums, titled “Today I have uploaded the NorthPole database for you to download,” has raised serious concerns about consumer privacy and corporate cybersecurity.

Despite the alarming claims, the North Pole Company has not issued an official statement confirming or denying the breach. Attempts to reach the company for comment have not yet been successful.

If the breach is verified, it could rank among the most significant data security incidents in Canada’s recent history. Though not including financial details, the data set is sufficient to facilitate social engineering attacks and other malicious activities. Cybersecurity experts warn North Pole Company customers to exercise caution with unexpected emails, calls, or messages, especially from entities claiming to represent the company.