Rite Aid Data Breach – 2.2 Million Customer Personal Data Exposed

Ceremony Attend, the third-largest drugstore chain within the United States, has disclosed that an recordsdata breach in June 2024 uncovered the non-public recordsdata of two.2 million customers. The firm detected unauthorized web admission to to its systems on June 6, 2024, which used to be applied by an unknown third event using compromised worker credentials.

The breach affected recordsdata linked to purchases or tried purchases of particular retail merchandise between June 6, 2017, and July 30, 2018. The uncovered recordsdata involves customers’ names, addresses, dates of birth, and driver’s license numbers or other forms of executive-issued ID provided at the time of aquire.

Ceremony Attend has emphasised that no Social Safety numbers, monetary recordsdata, or affected person effectively being recordsdata like been compromised within the incident. In step with letters filed with the Office of Maine’s Legal legit Frequent, the firm chanced on the full extent of the breach by June 17, 2024, and has since been working to take care of the scenario.

Per the breach, Ceremony Attend has taken several steps:

1. Launched an within investigation to halt unauthorized web admission to and remediate affected systems.
2. Reported the incident to legislation enforcement and federal and mumble regulators.
3. Enforcing further security measures to forestall identical assaults at some point soon.
4. Sending notification letters to affected customers.
5. Offering 365 days of complimentary credit ranking and identification theft monitoring services to impacted individuals.

Whereas Ceremony Attend has no longer disclosed the identification of the attackers, a ransomware crew known as RansomHub has claimed responsibility for the breach. The crew alleges to like bought 10GB of buyer recordsdata, doubtlessly affecting up to 45 million individuals.

Nonetheless, Ceremony Attend’s legitimate assertion contradicts this claim, reporting a critically decrease decision of two.2 million affected customers.

The incident has raised concerns about cybersecurity within the healthcare sector, with some consultants calling for stronger federal regulations to defend affected person recordsdata and be meander that the safety of healthcare systems.

Ceremony Attend has acknowledged that the investigation into the breach is a high precedence, and so that they’re working with third-event cybersecurity consultants to revive their systems, that are certainly fully operational. The firm continues to emphasize its commitment to safeguarding personal recordsdata and addressing the incident promptly.