Skip to content
Live · Updated every 6 hours
Track every US data breachBreached
All breaches
HighReported Jul 15, 2026·From: HIBP
G
Data breach

Goose Creek Candle Company

Company archive

Goose Creek Candle Company suffered a data breach in June 2026 that exposed the personal and purchase information of approximately 6.6 million customers.

Reported
Jul 15, 2026
Breach date
Jun 9, 2026
People affected
6.6M
Severity
high
What was exposed
Email addressesNamesPhone numbersAddressesPurchases

What happened

According to Have I Been Pwned, in June 2026 a party claiming to have accessed data from Goose Creek Candle Company began contacting customers directly by email, asserting that the company had a security vulnerability and had been breached. The data was subsequently submitted to Have I Been Pwned. HIBP reports the data appears to have been obtained from the company's Shopify instance. Goose Creek is aware of the reports but was unable to provide further information at the time of publication.

What was exposed

According to HIBP, the exposed data included email addresses, names, phone numbers, physical addresses, order IDs, and total amount spent by customers.

Who is affected

HIBP reports approximately 6.6 million unique email addresses were included in the dataset, suggesting a large portion of Goose Creek Candle Company's customer base may be affected.

What to do now

If you are a Goose Creek customer, be alert for phishing emails or unsolicited contact that references your purchase history or personal details. Consider changing your password on the Goose Creek website and any other sites where you use the same credentials. Monitor your email and phone for suspicious messages, as your contact information may now be in the hands of third parties.