Canada Life suffered a data breach in April 2026 when the ShinyHunters group stole and published data on over 237,000 customers, including names, email addresses, phone numbers, physical addresses, and support tickets.
What happened
According to HIBP and reporting by SC World, the ShinyHunters cybercrime group targeted Canada Life in April 2026 as part of a "pay or leak" extortion campaign. When Canada Life did not meet the group's demands, the stolen data was publicly released.
Canada Life confirmed the incident in a disclosure notice on its website, stating that a small proportion of its customers may have been impacted.
What was exposed
According to HIBP, the leaked dataset contained over 200,000 unique email addresses along with names, phone numbers, physical addresses, job titles, salutations, and in some cases, customer support ticket contents.
Who is affected
Approximately 237,810 accounts are recorded in the breach. Canada Life described the affected group as a small proportion of its overall customer base.
What to do now
Canada Life published an alert urging customers to be cautious of phishing attempts, which commonly follow public data releases. If you are a Canada Life customer, monitor your email and phone for suspicious messages, avoid clicking unexpected links, and consider updating your account password. Review any financial or insurance accounts for unusual activity.