Photo by Pixabay
Rite Aid, the third-largest pharmacy company in the United States, has reported a substantial cybersecurity breach that affected more than 2.2 million customers. Cybercrooks stole important personal information like the customer’s name, driver’s license number, address, and date of birth.
However, as the company said, the hackers couldn’t access other data, such as Social Security numbers, health data, or financial records.
The breath was detected on June 6. 2024, just 12 hours after attackers infiltrated the company’s network using an employee’s compromised credentials. With a workforce of over 45,000 and 6,000 pharmacists spread across 1,700 retail stores in 16 U.S. states, Rite Aid moved quickly to mitigate the impact.
In the notification letters filed with the Office of Maine’s Attorney General, Rite Aid revealed that by June 17, 2024, it had determined that the attackers had accessed personal data related to purchases made between June 6, 2017, and July 30, 2018. The compromised data include purchaser names, addresses, dates of birth, and driver’s license numbers or other forms of government-issued ID.
“On June 6, 2024, an unknown third party impersonated a company employee to compromise their business credentials and gain access to certain business systems,” Rite Aid states in the filing. “We detected the incident within 12 hours and immediately launched an internal investigation to terminate the unauthorised access, remediate affected systems and ascertain if any customer data was impacted.”
Rite Aid has assured its customers that highly sensitive data, including Social Security and other information, remained secure during the incident.
While the company has not officially named the attackers, a cybercriminal group known as RansomHub has taken credit for the breach. The group claims to have obtained substantial customer data, including personal identifiers such as names and addresses, driver’s license information and Rite Aid loyalty program details. They assert this data amounts to tens of millions of individual records, reports Bleeping Computer.
The drugstore chain was added to RansomHub’s leak site after ransom negotiations reportedly broke down, leading the gang to threaten to release the stolen data. RansomHub shared a screenshot of the claimed stolen data as proof and indicated they would leak all the information within two weeks if their demands were unmet.
RansomHub is a new entrant in the hacking scene. Recently, they claimed responsibility for a cyberattack on Christie’s. RansomHub’s name also emerged during the Change Healthcare data breach when the group demanded ransom from the company.
In the News: Home Ministry halts video conferencing evidence provisions after protests
