January 28, 2026 A suspected credit card skimming attack on the Canada Computers online store may have quietly exposed customer payment data for weeks, according to evidence uncovered by a hobbyist web developer. Customers are warned to cancel their cards.

Canada Computers & Electronics, which operates roughly 38 stores across Ontario, British Columbia, Nova Scotia and Québec, confirmed this week that an unauthorized party may have accessed customer information through its e-commerce platform.

The issue was first detected on Jan. 18, when a shopper noticed a suspicious script embedded in the checkout page while making a purchase. The code resembled a Magecart-style “card skimmer,” a form of malware designed to capture everything typed into payment fields, including credit card numbers, CVV codes and billing addresses.

The shopper reportedly tried to alert the company twice through customer support tickets. However, both requests were closed without response. The malicious script was only removed after the findings were shared publicly on Reddit, prompting wider scrutiny.

Archived versions of the checkout page suggest the skimmer may have been active since at least late December. Just after midnight Pacific time on Jan. 26, Canada Computers began notifying affected customers by email.

In the notice, the retailer acknowledged that “an unauthorized user may have gained access to certain customer information, including email addresses, first and last names and possibly credit card numbers.”

While the notice pointed out that there is no evidence that the exposed data has been used, customers are advised to closely monitor their financial statements and update their passwords.

“Our systems have been thoroughly vetted and further enhancement to our security systems have been implemented,” the company stated.

Security experts say customers who made purchases on the Canada Computers website between early December and Jan. 22 should treat the incident cautiously. As a precaution, they recommend monitoring credit card activity closely and considering freezing or cancelling cards used during that period.