Rite Aid, a prominent healthcare and retail pharmacy chain in the United States, has experienced a significant data breach affecting 2.2 million individuals. The breach, which occurred on June 6, 2024, involved the compromise of business credentials by threat actors.
The data breach was first detected on June 20, 2024, two weeks after the initial compromise. The breach was discovered when an unauthorized access to business systems was identified, prompting an immediate internal investigation. Rite Aid's rapid response involved terminating the unauthorized access and remediating affected systems.
Rite Aid Corporation, headquartered in Etters, Pennsylvania, is one of the largest retail pharmacy chains in the United States. The company operates over 2,400 stores across 18 states, providing a wide range of health and wellness products, prescription medications, and pharmacy services. Rite Aid serves millions of customers, making the impact of this data breach particularly significant.
According to a filing with the Maine Attorney General's office, the breach resulted from an external system hacking incident. The information compromised includes: names, addresses, dates of birth, and driver's license numbers or other forms of government-issued identification for customers who made or attempted to make purchases between June 6, 2017, and July 30, 2018. Notably, no Social Security numbers, financial information, or patient records were affected by the breach.
The incident was publicly disclosed in notification letters sent to affected customers on July 15, 2024. These notifications included details about the breach and the steps being taken to address the issue. Rite Aid has reported the incident to law enforcement and federal and state regulators.
Remediation measures
In response to the breach, Rite Aid has taken several steps to mitigate the impact on affected individuals. The company has offered 12 months of free identity monitoring services through Kroll, a global leader in risk mitigation and response. These services include credit monitoring, fraud consultation, and identity theft restoration.
Customers are encouraged to activate their identity monitoring services by visiting the Kroll enrollment website. Additionally, Rite Aid has provided resources and recommendations for further protecting personal information, including placing fraud alerts or security freezes on credit files and remaining vigilant for signs of unauthorized activity.
To help protect against potential identity theft and fraud, affected individuals should consider the following actions:
- Regularly check credit reports for unauthorized activity. Free annual credit reports can be obtained from the three nationwide credit reporting agencies.
- Consider placing a fraud alert on credit reports to notify creditors of potential identity theft.
- Place a security freeze on credit reports to prevent new accounts from being opened without consent.
- Take advantage of the free identity monitoring services provided by Kroll to detect and respond to potential identity theft.
For more information, affected individuals can contact Rite Aid's dedicated support line at 1-866-810-8094 or visit the provided resources for additional guidance on protecting their personal information.
Android Users Targeted by “Konfety” Fraud Operation on Google Play
Leave a Reply