Rite Aid Reveals Massive Data Breach: 2.2 Million People Affected in June Cyberattack

Imagine walking into your favorite drugstore, only to find out that your personal information has been compromised. That’s what happened to 2.2 million customers of Rite Aid, the third-largest drugstore chain in the United States, last month. The company described the event as a “data security incident.”

With over 6,000 pharmacists and more than 45,000 employees in total, Rite Aid operates 1,700 retail stores across 16 states. The breach happened on June 6, and it took the company 12 hours to detect the intrusion, which was carried out using an employee’s credentials.

By June 17, Rite Aid discovered that the attackers had acquired data associated with specific retail product purchases or attempted purchases. This data included the purchaser’s name, address, date of birth, and driver’s license number or other forms of government-issued ID presented during purchases between June 6, 2017, and July 30, 2018. Thankfully, customers’ Social Security numbers, financial information, and health information were not exposed in the incident.

Who’s Behind the Attack?

While Rite Aid has yet to reveal the attackers’ identity, the RansomHub ransomware gang claimed responsibility, stating that they also stole customer data from the company’s systems. They claim to have obtained over 10 GB of customer information, which equates to around 45 million lines of personal data. This information includes names, addresses, driver’s license IDs, dates of birth, and Rite Aid rewards numbers.

RansomHub added Rite Aid to their dark web leak site after the company allegedly halted ransom negotiations. As a result, the ransomware gang shared a screenshot of the claimed stolen data as proof and stated that everything would be leaked in two weeks.

RansomHub is a relatively new operation that extorts victims in exchange for not leaking stolen files. If negotiations fail, the files are often auctioned to the highest bidder. Their focus is on data-theft-based extortion rather than encrypting victims’ files. RansomHub has also claimed responsibility for breaching U.S. telecom provider Frontier Communications, stealing information from 750,000 customers and forcing the company to shut down systems to contain the breach.

What Can You Do?

As a customer, it’s crucial to stay vigilant and monitor your accounts for any suspicious activity. If you’re a business owner, it’s more important than ever to invest in robust cybersecurity measures to protect your customers’ data.

At IT Services, we understand the importance of safeguarding your information. Our team of experts is here to help you navigate the complex world of cybersecurity and ensure your business is protected from potential threats. Contact us today and let’s work together to keep your data safe.

Remember, staying informed is the key to staying protected. Keep coming back to learn more about the latest cybersecurity threats and how you can safeguard your information.