LCBO Statement Regarding Cybersecurity Incident And Response

Photo courtesy of LCBO, licensed under CC BY-NC-ND 2.0

LCBO has experienced a cybersecurity incident, affecting online sales through Immediate steps were taken to contain the issue, including disabling customer access to both and our mobile app while we engaged with third-party experts to conduct a forensics investigation.

At this time, we can confirm that an unauthorized party embedded malicious code into our website that was designed to obtain customer information during the checkout process. Unfortunately, customers who provided personal information on our check-out pages and proceeded to our payment page on between January 5, 2023, and January 10, 2023, may have had their information compromised. This could include names, email and mailing addresses, Aeroplan numbers, account password, and credit card information. This incident did not affect any orders placed through our mobile app or

We are continuing our investigation into the incident to identify the specific customers impacted so that we can communicate with them directly. Out of an abundance of caution, we recommend all customers who initiated or completed payment for orders on during this window monitor their credit card statements and report any suspicious transactions to their credit card providers.

With a thorough review and testing of the website complete, including enhanced security and monitoring measures in place, and our mobile app have been restored and are fully operational. We have also reset all account passwords. Registered customers will be prompted to reset their password on login.

LCBO is committed to providing a trusted online shopping experience. We value the security of all information that is entrusted to us and thank our customers, employees, and partners for their patience and understanding.


Please enter your comment!
Please enter your name here