Rite Aid Suffers Massive Data Breach, 22 Million Customers Affected - Names, Driver's License Numbers, and More Stolen by Hackers

Rite Aid Suffers Massive Data Breach, 22 Million Customers Affected - Names, Driver's License Numbers, and More Stolen by Hackers

Whether you are shopping online or in person, your data can fall into the hands of hackers through no fault of your own As an example, US pharmacy Rite Aid revealed last month that it suffered a data breach in which the personal information of 22 million customers was stolen by hackers

As reported by BleepingComputer, the drugstore chain detected a “data security incident” early last month in which personal data, not financial data like Social Security numbers or credit card information, was stolen from its system

But now, in a data breach notification filed with the Maine Attorney General's Office, Rite Aid explains that the incident was first detected on June 6, 12 hours after hackers broke into its network They did this using employee credentials

As a result, the hackers in question stole full names, addresses, dates of birth, driver's license numbers, or other government-issued identities used for purchases made between June 6, 2017 and July 30, 2018

Below is everything you need to know about this new data breach, along with some steps you can take if your personal information was stolen during the attack on Rite Aid's system

Rite Aid has yet to reveal which hacker group was behind the June attack However, a ransomware group named RansomHub has claimed responsibility in a posting on a dark web leak site

In the post, the RansomHub hackers explain that they “obtained more than 10 GB of customer information, equivalent to about 45 million lines of personal data They then went on to detail what personal information was stolen in the attack on the drugstore chain

Typically, in a ransomware attack, hackers gain access to a company's systems and lock them until a ransom is paid to unlock them However, RansomHub's approach is slightly different Instead of locking down a company's systems, the ransomware gang steals as much data as they can get their hands on and holds this stolen data hostage

However, when Rite Aid called off negotiations with RansomHub, the hackers shared screenshots showing the data in their possession on data leak sites as proof They also stated that this data would be leaked within two weeks unless Rite Aid decided to pay them

Earlier this year, the ransomware group claimed responsibility for hacking US telecommunications company Frontier Communications in April, making Rite Aid the second RansomHub target

If you shopped at Rite Aid between June 2017 and July 2018, your personal information could be in the hands of hackers and could even end up online, as RansomHub often auctions off stolen data to the highest bidder on the dark web There is a possibility

Fortunately, however, the drugstore chain has announced that it will offer its crawl identity monitoring service for free The company has a team of licensed private investigators who can answer questions and provide steps that data breach victims can take to keep their personal information safe Unlike the best identity theft protection services, however, Kroll does not appear to offer identity theft insurance to help victims recover lost assets or wages Still, this is better than what other companies offer

Affected Rite Aid customers will likely receive an email or perhaps a letter in their mailbox informing them how to sign up for Kroll's identity monitoring and other steps they can take to stay safe after this breach

At the same time, we want to closely monitor our online accounts and bank accounts for fraudulent or suspicious activity We also want to be aware of targeted phishing attacks that could be used to spread dangerous malware The best antivirus software can help you detect malware that hackers might try to send to you via email with malicious attachments

We will likely learn more about this latest data breach once Rite Aid and law enforcement conduct a full investigation into the matter

Categories