Canada Goose Data Breach
Canada Goose Premium Outerwear Brand Breach (2025): 582K Customer Records Including Partial Credit Card Data & Purchase History Exposed
Outerwear and luxury apparel brand.
Risk Interpretation
Exposure enables phishing, order fraud, delivery impersonation, and affluent-customer targeting. Premium-brand purchase data can also signal higher-value households.
Impact & Downstream Threats
Direct institutional cost to Canada Goose has so far been modest because the company has positioned the incident as a third-party payment-processor breach rather than a compromise of its own systems. There have been no public regulatory penalties, settlements, or customer-notification programs as of early 2026. The principal exposures are reputational and operational. The brand's high-net-worth customer base is unusually attractive for fraudsters, which raises pressure on customer-experience and
- Financial fraud using exposed financial profile data
- SIM swap attacks where phone numbers are present
- Targeted phishing campaigns using exposed email addresses
- Doxxing risk from physical address exposure
Threat Vectors
Breach Intelligence
Executive Summary
A dataset of around 600,000 Canada Goose customer records appeared in February 2026 on the leak site of the data-extortion group ShinyHunters. The archive, distributed as a 1.67 GB JSON file, contained roughly 920,000 lines of order and refund data covering names, email addresses, phone numbers, billing and shipping addresses, IP addresses, device and browser details, order histories, and partial payment card information.\n\nThe partial card data included card brand, the last four digits, and in some cases the first six digits or BIN. Full card numbers were not present. Canada Goose stated publicly that it had found no evidence of a breach of its own systems and that the data appears to have come from a third-party payment processor that handled past customer transactions. ShinyHunters attributed the underlying compromise to an August 2025 incident at that third party. Independent researchers noted that much of the data appeared to date from 2021 to 2023, raising the possibility that ShinyHunters republished older material.\n\nFor affected customers, the practical risk is targeted phishing and order-related fraud rather than direct payment compromise. Scams referencing real past orders, shipping addresses, or partial card details are now plausible. Affluent customers should be alert to messages claiming order issues or refund offers and should verify any such contact through the canadagoose.com customer service channel rather than through links in unsolicited messages.
About Canada Goose
Canada Goose is a Toronto-based outerwear and luxury apparel company best known for performance-focused parkas and winter clothing. Founded in 1957, the brand sells through company-owned retail stores, wholesale partners, and a direct-to-consumer e-commerce channel that ships globally. The company is publicly traded and reported roughly $1 billion in annual revenue in fiscal 2025, with a workforce of nearly 5,000. Its customer base is concentrated in higher-income North American and European households, reflecting the price point of the core product line.
Why They Hold Your Data
Premium apparel brands collect customer identity, contact details, addresses, order history, loyalty or clienteling records, and payment-adjacent data across retail and e-commerce operations.
Recent Developments
In February 2026, the data extortion group ShinyHunters published a dataset of more than 600,000 Canada Goose customer records on its dark-web leak site. Canada Goose responded publicly, stating that it had no indication of a breach of its own systems and that the data appears to relate to past customer transactions handled by a third party. The company says its review found no evidence that unmasked financial data was exposed. As of early 2026, the investigation is ongoing, no formal customer notifications have been confirmed, and no regulatory action has been publicly announced.
Data Points Exposed
Exposure Categories
Canonical Fields
credit_card:partial, device_information, email_address, full_name, ip_address, phone_number, physical_address, transaction_history:purchase; email_address, full_name, phone_number, physical_address:home
Dark Web Verification
- Dataset containing ~582K records identified in breach intelligence sources
- Data indexed and searchable across breach notification platforms
- Source: Canada Goose Data Breach; canada-goose-2026
Recommended Actions
⚠️ Do not assume this is low sensitivity.
Protect Yourself
Check If You’re Affected
Enter your email to check if your data appears in this breach.
Get Free Breach Alerts
Be the first to know when new breaches are disclosed.
High-Risk? Get an Exposure Audit
Full-spectrum exposure audits for executives and public figures.
ObscureIQ Advisory
We combine proprietary dark web access with commercial and restricted breach intelligence to verify exposure and assess real-world risk.
- A public-facing individual
- A high-profile executive
- A customer of Canada Goose
- Or concerned about credential reuse
Powered by the ObscureIQ Breach Intelligence Database
© 2026 ObscureIQ · All Rights Reserved · Data Licensing
Latest from ObscureIQ
What Is Credit Monitoring? And Do I Want It? (Answer: Not Really)
Lock Down Browsers. Wipe Employee Footprints. Win Breach Wars.
Sextortion Spam