A security breach involving Rite Aid’s business systems has leaked data on millions of customers.
The incident happened on June 6, when an unknown third party impersonated a company employee to compromise their business credentials and gain access to certain business systems.
Rite Aid said they detected the breach within 12 hours and immediately launched an investigation to terminate the unauthorized access, remediate affected systems, and determine if any customer data was impacted.
Two weeks later, it was discovered that the unknown third party had acquired certain data associated with the purchase or attempted purchase of specific retail products. The data included shopper names, addresses, date of birth, and driver’s license numbers or other forms of government-issued ID presented at the time of purchase between June 6, 2017, and July 30, 2018.
Rite Aid said no social security numbers, financial information, or patient information was impacted by the breach.
“We regret that this incident occurred and are implementing additional security measures to prevent potentially similar attacks in the future,” Rite Aid said in a press release. “We take our obligation to safeguard personal information very seriously and are alerting affected consumers about this incident.”
Shoppers can call a dedicated assistance line toll-free at 866-810-8094 from 8 a.m. to 5:30 p.m. Central time, Monday through Friday, excluding holidays, for more information. The line will remain open until Oct. 15.
