Published on: July 18, 2024
Rite Aid Corp. has revealed a significant data breach that compromised the personal information of some of its customers. The drugstore chain, which filed for bankruptcy last October, announced on Monday that it is notifying affected consumers via mail about the incident.
According to Rite Aid, the breach occurred on June 6 when an unknown third party impersonated an employee to gain access to the company’s systems. The compromised data pertains to purchases or attempted purchases of certain retail items made between June 2017 and July 2018.
Information exposed in the breach includes customers’ names, addresses, dates of birth, and driver’s license numbers or other government ID numbers presented at the time of purchase. The company assured that no Social Security numbers, financial, or patient information was accessed.
Rite Aid detected the unauthorized access within 12 hours and swiftly initiated an investigation to stop the breach, secure the systems, and determine the extent of the data impact. The incident has been reported to law enforcement as well as federal and state regulators. The company has pledged to implement enhanced security measures to prevent future breaches.
Customers with questions or concerns can contact Rite Aid at 866-810-8094, available from 8 a.m. to 5:30 p.m. Central time until October 15. This move comes as part of the company’s effort to assist affected consumers and mitigate potential fallout from the breach.
The Rite Aid breach is the latest in a series of recent high-profile hacks. Just last Friday, AT&T Inc. disclosed a significant hack affecting nearly all of its wireless customers and users of its mobile virtual network operations. Hackers accessed and copied logs containing records of customer calls and texts from May 1 to October 31, 2022, and on January 2, 2023.
As companies continue to face cybersecurity threats, these incidents highlight the importance of robust security measures and prompt responses to unauthorized data access.