'Malicious code' embedded on LCBO site, customer data may be compromised

The Liquor Control Board of Ontario says an unauthorized party embedded "malicious code" on its website to obtain customer information, and personal data may have been compromised.

The provincial Crown corporation had said Wednesday that it was investigating a cybersecurity incident that knocked out its website and mobile app – both are now operating again.

In a statement today, the LCBO says customers who provided personal information on check-out pages on its website and proceeded to its payment page between Jan. 5 and Jan. 10 may have had their information compromised.

It says that could include names, email and mailing addresses, and credit card information.

It recommends everyone who started or completed payment for orders on LCBO.com during the affected time period to monitor credit card statements for suspicious transactions.

Orders placed through the LCBO mobile app or vintagesshoponline.com were not affected.

This report by The Canadian Press was first published Jan. 12, 2023.

The Canadian Press