July 17, 2024 at 04:45AM
Pharmacy chain Rite Aid discloses a data breach involving 2.2 million people, with ransomware group threatening to leak stolen data. The breach, involving compromised credentials, occurred between June 6, 2017, and July 30, 2018. No Social Security or financial information was affected; affected individuals offered 12 months of free credit monitoring. RansomHub cybercriminals demand ransom for 10 Gb customer information.
From the meeting notes, the key takeaways are:
1. Rite Aid recently experienced a data breach affecting 2.2 million individuals. The breach involved hackers impersonating an employee to gain access to business systems.
2. Data obtained by the attackers included purchaser names, addresses, dates of birth, and identification document numbers from purchases between June 6, 2017, and July 30, 2018. However, no Social Security numbers, financial information, or patient information was impacted.
3. Rite Aid has responded by offering those affected 12 months of free credit monitoring and identity protection services.
4. The ransomware group, RansomHub, is threatening to leak stolen customer information unless a ransom is paid. They claim to have obtained 10 Gb of customer information and suggested they were close to reaching an agreement with Rite Aid.
5. Rite Aid has more than 1,700 stores across 16 states.
These should cover the main points from the meeting notes.