American pharmaceutical giant Rite Aid has confirmed a data breach following a cyber attack that took place in June. The group responsible for compromising the company’s data is the RansomHub extortion group.
Rite Aid, the third largest network of pharmacies in the United States, operates over 6,000 pharmacies and employs more than 45,000 individuals across 1700 stores in 16 states. On July 12, the company announced that it has concluded its investigation into the cyber attack that occurred in June and is in the process of notifying customers whose data was compromised.
A representative from Rite Aid stated: “Rite Aid experienced a limited cybersecurity incident in June, and we are finalizing our investigation. Safeguarding personal information is a top priority for us, and addressing this incident promptly has been paramount.”
Following the breach, the company’s systems have been fully restored and are operating normally. Efforts are being made to actively notify affected customers.
While Rite Aid has not disclosed the specific customer data that was compromised or the number of individuals affected, the company has assured that health or financial data was not impacted.
Although the name of the hacker group behind the attack on Rite Aid was not disclosed, the RansomHub extortion group has created a dedicated page on their official website showcasing the breach.
The attackers claimed: “By gaining access to the Rite Aid network, we acquired over 10 GB of customer information, equivalent to approximately 45 million lines of personal data. This information includes names, addresses, driver’s license numbers, birth dates, and Rite Aid reward program numbers.”
RansomHub, a relatively new group of extortionists, demands ransom from victims in exchange for not releasing stolen files. If negotiations fail, the group often auctions off the stolen files. Their focus is on extortion through data theft rather than file encryption.
Last month, RansomHub took credit for hacking the systems of American telecommunications provider Frontier Communications in April, resulting in the company shutting down systems to contain the leak and the theft of information from over two million customers.