ShellCodeX Breach Report
Canada Life Data Breach
canadalife.com
Verified breach
Accounts exposed
237,810
Breach date
20 Apr 2026
Added to tracker
13 May 2026
Data classes
7
What happened
In April 2026, Canada Life was the victim of a "pay or leak" extortion campaign by the ShinyHunters group. The group subsequently published the data which contained over 200k unique email addresses along with names, phone numbers, physical addresses and, in some cases, customer support tickets. In their disclosure notice, Canada Life advised that "it is a small proportion of our customers who may have been impacted". In the wake of the incident, Canada Life also published an alert cautioning customers to be wary of phishing attacks, a pattern often seen after the public release of breached data.
Exposed data
Email addresses
Job titles
Names
Phone numbers
Physical addresses
Salutations
Support tickets
Recommended actions
- Watch for targeted phishing emails referencing Canada Life โ attackers weaponise breach data quickly.
- Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
- Exposed identity data raises identity-theft risk โ consider credit monitoring or a credit freeze.
- Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP