Rite Aid Reveals Alarming Data Breach Following Devastating June Ransomware Attack

Pharmacy giant Rite Aid recently confirmed a data breach following a cyberattack in June, which was claimed by the RansomHub ransomware operation.

Rite Aid is the third-largest drugstore chain in the United States, employing over 6,000 pharmacists (out of a total workforce of over 45,000) in more than 1,700 retail pharmacy stores across 16 states.

After detecting the cyberattack, the company got to work notifying affected customers and began an investigation. With the help of external experts, Rite Aid managed to restore all compromised systems.

“Rite Aid experienced a limited cybersecurity incident in June, and we are finalizing our investigation. We take our obligation to safeguard personal information very seriously, and this incident has been a top priority,” Rite Aid said.

“Together with our third-party cybersecurity partner experts, we have restored our systems and are fully operational. We are sending notices to impacted consumers.”

While Rite Aid didn’t share what customer data was accessed in the breach or how many individuals were affected, it said that the data breach doesn’t impact health or financial information.

“In the meantime, we can confirm that no social security numbers, financial information, or patient information were impacted by this incident,” the company added.

Attack claimed by RansomHub gang

Even though Rite Aid has yet to share who was behind the June attack, the statement came after we reached out to confirm the RansomHub ransomware gang’s claims that it breached the pharmacy giant’s systems and stole customers’ data.

​”While having access to the Rite Aid network we obtained over 10 GB of customer information equating to around 45 million lines of people’s personal information. This information includes name, address, dl_id number, dob, Rite Aid rewards number,” the threat group said on their dark web leak site.

After adding Rite Aid to its leak site because the company supposedly stopped negotiating a ransom, the ransomware gang shared a screenshot of some of the allegedly stolen data as proof, saying that everything would be leaked in two weeks.

Rite Aid didn’t reply to a request for more details regarding the June attack after we reached out again today.

RansomHub is a relatively new threat group that demands ransom payments from victims in exchange for not leaking stolen files, often auctioning the files to the highest bidder if negotiations fail.

They focus on data-theft-based extortion rather than encrypting files, even though they were identified as a potential buyer of Knight ransomware source code.

Last month, RansomHub claimed responsibility for breaching the systems of U.S. telecom provider Frontier Communications in April, forcing them to shut down systems to contain the breach and stealing the information of 750,000 customers.

What does this mean for you?

As a consumer, it’s crucial to stay informed about data breaches like the one involving Rite Aid. Even though the company claims that no health or financial information was compromised, data breaches can still put your personal information at risk.

Make sure to monitor your accounts for any suspicious activity, and be cautious when opening emails from unknown sources. The more you know, the better you’ll be able to protect yourself from potential cyber threats.

Stay informed and stay safe

As cybersecurity experts, we’re here to keep you informed about the latest threats and help you take the necessary steps to protect your personal information. Stay tuned for more updates and insights on cybersecurity, and don’t hesitate to contact us if you have any concerns or questions. Remember, knowledge is power, so keep coming back to learn more and stay safe in the digital world.