North Pole Company data breach exposes details on half a million users

A hacker wearing a hoodie sitting at a computer, his face hidden.

(Image credit: Shutterstock / Who is Danny)

Threat actor FutureSeeker posts new thread on BreachForums
They claim to have stolen sensitive data from The North Pole Company
The gift basket firm is yet to respond to the claims

The North Pole Company, a Canadian gift basket delivery service, allegedly suffered a data breach in which half a million customers lost sensitive personal information.

The claim was made on BreachForums, a popular underground community where cybercriminals come to share tools, resources, and experiences, to find partners and plan future attacks.

Cybersecurity researchers from Incogni reported a threat actor using the alias FutureSeeker posted a new thread on BreachForums on January 19, offering a North Pole database to its peers.

No response yet

“Today I have uploaded the NorthPole database for you to download, thanks for reading and enjoy!” reads the thread.

The data compromised in the attack includes email addresses, phone numbers, emails, postal addresses, and full names, of exactly 520,599 people.

The North Pole Company has not yet made an official statement about the alleged breach. We have reached out and will update the article if we hear back.

The North Pole Company is a Canadian gift basket delivery service specializing in Christmas gift baskets featuring gourmet foods, wines, and festive items, aiming to be the leading provider in Canada and the United States.

FutureSeeker is a relatively unknown name in the cybercriminal community. However, if the claims end up being true, that could change. More than half a million active email addresses, together with full names and phone numbers, is more than enough information for phishing, and fraud, leaving users potentially in need of identity theft protection.

To be on the safe side, if you’ve used The North Pole Company’s services in the past couple of years, be wary of incoming email messages and phone numbers, especially from people claiming to be the company’s representatives.

BreachForums is back — just weeks after FBI reportedly took down cybercrime website, it reappears
Here's a list of the best antivirus tools on offer
These are the best endpoint protection tools right now

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.