Canada Life Data Breach

What Happened

In April 2026, Canada Life was the victim of a "pay or leak" extortion campaign by the ShinyHunters group. The group subsequently published the data which contained over 200k unique email addresses along with names, phone numbers, physical addresses and, in some cases, customer support tickets. In their disclosure notice, Canada Life advised that "it is a small proportion of our customers who may have been impacted". In the wake of the incident, Canada Life also published an alert cautioning customers to be wary of phishing attacks, a pattern often seen after the public release of breached data.

Compromised Data

Email addresses

Job titles

Names

Phone numbers

Physical addresses

Salutations

Support tickets

Recommended Actions

Sponsored

Use a password manager to generate and store strong, unique passwords for all your accounts. 1Password helps protect your data with industry-leading security.

Breach Overview

Affected Accounts:

237.8 thousand
Breach Occurred:

April 2026
Added to HIBP:

13 May 2026
Official disclosure statement

Recommended Actions

Change Your Password

If you haven’t already changed the password affected by this breach, do so immediately on every account where it was used.

Enable Two-Factor Authentication

Wherever 2FA is supported, add an extra layer of security to your account.

Sponsored

Use a password manager to generate and store strong, unique passwords for all your accounts. 1Password helps protect your data with industry-leading security.