Sponsored By

Wegmans corrects database security issue

Supermarket chain says some customer information inadvertently exposed

Russell Redman

June 17, 2021

2 Min Read
Wegmans_Lancaster_PA_store2_0.png
Wegmans said that customers have been notified of the security issue and the retailer worked with a leading forensics firm to evaluate the database problem and fix it.Wegmans

Wegmans Food Markets said it recently discovered and closed a data security hole that had exposed some customer information.

Rochester, N.Y.-based Wegmans announced yesterday that two cloud databases used for internal business purposes were “inadvertently left open to potential outside access” because of a “configuration issue.” The databases included customer names, addresses, phone numbers, birthdates, Shoppers Club numbers and e-mail addresses, but no payment card or banking information or Social Security numbers (which the company doesn’t collect). Wegmans.com account passwords also were exposed but were “hashed” and “salted,” meaning that the actual password characters weren’t contained in the databases, the retailer said.

Wegmans said it first learned of the problem on or around April 19, 2021, and determined that the configuration issue began in 2018. The grocer said it worked with a forensics firm to investigate the issue and its scope, identify the information in the two databases, ensure the systems’ integrity and security, and fix the problem.

“We sent notice because we discovered, originally through a security researcher, that information in the affected databases was inadvertently left open to outside access,” Wegmans said in an email statement late Wednesday. “When we discovered the issue, we worked with leading outside experts to investigate the matter. The investigation was unable to uncover what information may have been actually accessed, if any. We have since corrected configurations and secured all affected information. We have also taken steps to avoid the occurrence of similar issues in the future.”

Related:Kroger reports data breach from third-party file transfer service

Any customers who may have been affected by the database issue have been notified, according to Wegmans. However, the company advised customers to update their passwords and said those with questions can call it at (855) 535-1851.

“Although all affected Wegmans.com passwords were protected through hashing, as a conservative measure, you can change the password to your Wegmans.com account, as well as for any other account for which you use the same password,” Wegmans said in a notification of the security incident posted on its website. “It is generally a good idea to use a unique password for each online account you may have.”

Overall, Wegmans operates 106 supermarkets in New York, Pennsylvania, New Jersey, Virginia, Maryland, Massachusetts and North Carolina. 

Read more about:

Wegmans

About the Author

Russell Redman

Senior Editor
Supermarket News

Russell Redman has served as senior editor at Supermarket News since April 2018, his second tour with the publication. In his current role, he handles daily news coverage for the SN website and contributes news and features for the print magazine, as well as participates in special projects, podcasts and webinars and attends industry events. Russ joined SN from Racher Press Inc.’s Chain Drug Review and Mass Market Retailers magazines, where he served as desk/online editor for more than nine years, covering the food/drug/mass retail sector. 

Russell Redman’s more than 30 years of experience in journalism span a range of editorial manager, editor, reporter/writer and digital roles at a variety of publications and websites covering a breadth of industries, including retailing, pharmacy/health care, IT, digital home, financial technology, financial services, real estate/commercial property, pro audio/video and film. He started his career in 1989 as a local news reporter and editor, covering community news and politics in Long Island, N.Y. His background also includes an earlier stint at Supermarket News as center store editor and then financial editor in the mid-1990s. Russ holds a B.A. in journalism (minor in political science) from Hofstra University, where he also earned a certificate in digital/social media marketing in November 2016.

Russell Redman’s experience:

Supermarket News - Informa
Senior Editor 
April 2018 - present

Chain Drug Review/Mass Market Retailers - Racher Press
Desk/Online Editor 
Sept. 2008 - March 2018

CRN magazine - CMP Media
Managing Editor
May 2000 - June 2007

Bank Systems & Technology - Miller Freeman
Executive Editor/Managing Editor
Dec. 1996 - May 2000

Supermarket News - Fairchild Publications
Financial Editor/Associate Editor
April 1995 - Dec. 1996 

Shopping Centers Today Magazine - ICSC 
Desk Editor/Assistant Editor
Dec. 1992 - April 1995

Testa Communications
Assistant Editor/Contributing Editor (Music & Sound Retailer, Post, Producer, Sound & Communications and DJ Times magazines)
Jan. 1991 - Dec. 1992 

American Banker/Bond Buyer
Copy Editor
Oct. 1990 - Jan. 1991 

This Week newspaper - Chanry Communications
Reporter/Editor
May 1989 - July 1990

Stay up-to-date on the latest food retail news and trends
Subscribe to free eNewsletters from Supermarket News

You May Also Like