ShellCodeX Breach Report
Canada Goose Data Breach
canadagoose.com
Verified breach
Accounts exposed
581,877
Breach date
04 Jul 2025
Added to tracker
17 Feb 2026
Data classes
8
What happened
In February 2026, a data breach allegedly containing data relating to Canada Goose customers was published publicly. The data contained 920k records with 582k unique email addresses and included names, phone numbers, IP addresses, physical addresses and partial credit card data, specifically card type and last 4 digits. Canada Goose advised that the data "appears to relate to past customer transactions" and stated that it originated from a breach at a third party in August 2025. The most recent transaction date in the data is July 2025.
Exposed data
Device information
Email addresses
IP addresses
Names
Partial credit card data
Phone numbers
Physical addresses
Purchases
Recommended actions
- Watch for targeted phishing emails referencing Canada Goose โ attackers weaponise breach data quickly.
- Monitor your bank and card statements closely and consider requesting a card replacement.
- Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
- Exposed identity data raises identity-theft risk โ consider credit monitoring or a credit freeze.
- Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP