Lee Valley Tools Data Breach Affects 57,707 Individuals

Published

April 10, 2025

Updated

April 15, 2025

Lee Valley Tools

Types of INFORMATION affected

Names
Social Security Numbers
Dates of Birth
Addresses
Government IDs
Medical Info
Financial Info

On March 12, 2025, Lee Valley Tools, Ltd., a Canadian retailer specializing in woodworking, gardening, and home improvement products, discovered a significant data breach affecting its customers. Upon investigation, the company identified unauthorized access to its systems, which occurred on two separate occasions: first on October 8, 2024, and again on March 12, 2025.

The breach exposed sensitive personally identifiable information (PII) of 57,707 individuals in the United States.

The compromised data included customer names, addresses, credit card numbers, expiration dates, and CVV security codes. Of those affected, 936 individuals reside in Maine, and 774 reside in New Hampshire.

As of today, Lee Valley Tools has not publicly disclosed detailed information regarding how the breach occurred or who was responsible. However, the exposure of credit card information, including CVV codes, indicates a serious security incident. This type of breach can potentially lead to fraudulent charges, identity theft, and other financial crimes.

Lee Valley Tools' Response

Following the discovery of the breach, Lee Valley Tools promptly notified state authorities and affected customers. The company reported the incident to the California Attorney General on April 9, 2025, the New Hampshire Attorney General on April 9, 2025, and the Maine Attorney General on April 10, 2025.

Lee Valley Tools began notifying affected customers through written notices sent on April 15, 2025. The company has provided customers with detailed information regarding the breach, along with recommended steps to protect themselves from potential fraud or identity theft.

If you have received a notification from Lee Valley Tools about this data breach, it is important to take immediate steps to protect yourself:

Carefully review your credit card statements and bank accounts for any unauthorized charges or suspicious activity.
Contact your financial institution immediately to report any unauthorized transactions.
Consider requesting a new credit or debit card from your financial institution.
Place a fraud alert or credit freeze on your credit reports with the major credit bureaus (Equifax, Experian, and TransUnion) to prevent potential misuse of your information.
Regularly monitor your credit reports for unusual activity or new accounts you did not authorize.