Malware
Massive Data Breach Strikes Dollar Tree: 2 Million Customers Impacted by Cyber Attack
Dollar Tree suffered a data breach impacting two million people, with cybercriminals accessing customer data from third-party service provider CafePress.com. The breach affected users registered on the Dollar Tree-owned Family Dollar website. Personal data, including names, addresses, and passwords, were potentially exposed, though no financial information was compromised.
A Data Breach Affects Dollar Tree and Its Customers
Imagine walking into your favorite discount store to buy some household essentials, only to find out later that your personal information has been compromised. This is exactly what happened to nearly 2 million people who shopped at Dollar Tree and Family Dollar stores across the United States and Canada. The culprit? A cyberattack on their service provider, Zeroed-In Technologies.
The Attack on Zeroed-In Technologies
According to a data breach notification shared with the Maine Attorney General, Zeroed-In experienced a security incident between August 7 and 8, 2023. During this attack, cybercriminals managed to steal data containing personal information of Dollar Tree and Family Dollar employees.
While the investigation determined that the systems were accessed, it could not confirm the specific files accessed or taken by the unauthorized actor. As a result, Zeroed-In conducted a review of the contents of the systems to determine what information was present at the time of the incident and to whom it relates.
The Stolen Information
The data breach resulted in the theft of names, dates of birth, and Social Security numbers (SSNs) of affected individuals. Zeroed-In has notified those impacted and provided instructions for enrolling in a twelve-month identity protection and credit monitoring service.
When we contacted Dollar Tree for a comment on the data breach, a Family Dollar spokesperson informed us that “Zeroed-In is a vendor that we and other companies use. They informed us that they identified a security incident, and they provided notice of the incident to current and former employees.”
What’s Next?
It is still unclear whether other Zeroed-In customers besides Dollar Tree and Family Dollar have been affected by the security breach. We reached out to Zeroed-In for answers, but they have not responded at the time of publication.
As the scale of the data breach becomes more apparent, law firms are already investigating the possibility of a class-action lawsuit against Zeroed-In.
Don’t Let This Happen to You
As a consumer, it’s crucial to stay informed about cybersecurity and take steps to protect your personal information. And if you’re a business owner, it’s even more critical to ensure your company’s data is secure.
If you’re concerned about cybersecurity and want to learn more about how to safeguard yourself and your business, we’re here to help. As experts in the field, we understand the challenges and risks associated with data breaches. Reach out to us and keep coming back to learn more about staying safe in the digital world.