Ransomware, Breach
RansomHub attack against Rite Aid compromises 2.2M

Today’s columnist, David Balaban of Privacy-PC, shares five ways companies can turn data security into a competitive advantage. (Adobe Stock)
BleepingComputer reports that major U.S. drugstore chain Rite Aid had personal information from 2.2 million customers compromised following a ransomware attack last month, which the RansomHub ransomware operation has since taken responsibility for. Attackers leveraged stolen employee credentials to infiltrate Rite Aid's network and facilitate the theft of customer data from June 6, 2017, to July 30, 2018, including their names, birthdates, addresses, and government-issued IDs, according to a filing with the Office of the Maine Attorney General, which emphasized that no Social Security numbers, health information, or financial details had been compromised as a result of the incident. Rite Aid's disclosure comes days after RansomHub — which was involved in the attack against Frontier Communications earlier this year — claimed to have exfiltrated more than 10 GB of customer data from the pharmacy chain's systems, which would be exposed should the drugstore chain refuse to fulfill its demands. Rite Aid has yet to confirm RansomHub's assertions.
An In-Depth Guide to Ransomware
Get essential knowledge and practical strategies to protect your organization from ransomware attacks.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
Related Terms
Attack VectorYou can skip this ad in 5 seconds