Dollar Tree Suffers Massive Data Breach: 2 Million Customers’ Information Exposed by Third-Party Attack

A Data Breach at Dollar Tree Affects Nearly 2 Million Customers

Discount store chain Dollar Tree found itself in the crosshairs of a major cybersecurity incident when its service provider Zeroed-In Technologies fell victim to a data breach. As a result, the personal information of approximately 1,977,486 customers shopping at Dollar Tree and Family Dollar stores was compromised.

For those who may not know, Dollar Tree is a wildly popular discount retail company with over 23,000 store locations in the United States and Canada. So, it’s no surprise that such an attack has caused quite a stir.

What Happened During the Cyberattack?

According to a data breach notification submitted to the Maine Attorney General, the attack on Zeroed-In Technologies occurred between August 7 and 8, 2023. The hackers managed to access and steal data containing the personal information of Dollar Tree and Family Dollar customers.

However, the extent of the stolen data remains unclear, as the investigation could not confirm all the specific files accessed or taken by the unauthorized actors. To better understand the scope of the breach, Zeroed-In conducted a review of the affected systems to determine the type of information present and the individuals it belonged to.

Among the information stolen during the attack, we know that names, dates of birth, and Social Security numbers (SSNs) were compromised.

What’s Being Done to Protect the Affected Customers?

Zeroed-In has informed the affected individuals and provided instructions on enrolling in a twelve-month identity protection and credit monitoring service. In a statement we received from a Family Dollar spokesperson, they explained, “Zeroed-In is a vendor that we and other companies use. They informed us that they identified a security incident, and they provided notice of the incident to current and former employees.”

It’s worth noting that other Zeroed-In customers, besides Dollar Tree and Family Dollar, may have also been impacted by the security breach. However, this hasn’t been confirmed yet. We reached out to Zeroed-In for more information but have not received a response as of publication time.

What Are the Legal Implications?

The magnitude of the data breach has caught the attention of law firms who are already investigating the potential for a class-action lawsuit against Zeroed-In. This situation highlights the importance of implementing strong cybersecurity measures to protect sensitive information and avoid legal consequences.

Protect Yourself and Your Business from Cyberthreats

This incident serves as a stark reminder of the ever-present dangers posed by cyberattacks. As technology continues to evolve, so too do the tactics employed by hackers. It’s crucial for both individuals and businesses to stay informed and proactive in protecting themselves from such threats.

Don’t let yourself or your business become the next victim. Contact our IT Services team to learn more about how to safeguard your digital assets and defend against cybercrime. Keep coming back to stay updated on the latest cybersecurity news and best practices.