Pick n Pay Stores Limited
March 23, 2026
•[ data breach, dark web, customer information ]
Pick n Pay confirmed a data breach involving customer information from an older version of its on-demand delivery platform, first known as Bottles and later Pick n Pay asap!. Reporting said the historical customer dataset had been offered for sale on a dark-web forum since March 23, 2026 and included names, contact details, residential addresses, dates of birth, partial payment-card information, encrypted passwords, and certain banking details. Public reporting did not identify the threat actor, encryption, data destruction, or operational disruption.
Loblaw
March 10, 2026
•[ data breach, unauthorized access, customer information ]
Canadian retailer Loblaw disclosed a data breach after a criminal third party accessed basic customer information. The company said the accessed data included names, email addresses and phone numbers. Loblaw stated its investigation indicated passwords, health information, and credit card data were not compromised, and PC Financial was not impacted. The company did not provide the number of affected customers, the intrusion vector or evidence of ransomware. The confirmed primary effect is unauthorized access to limited customer contact information.
