Rite Aid Becomes RansomHub's Latest Victim After Data Breach

This morning Rite Aid, an American drugstore chain, revealed news of falling victim in a data breach last month in what it called a "limited cybersecurity incident."

On June 6, a third-party threat actor impersonated a company employee and gained access to certain company systems. This unauthorized access was detected soon after, and the company launched an investigation to determine the scope of the breach and whether any data was compromised.

Though the company has determined that no Social Security numbers, financial information, or patient information was affected in the breach, the threat actors did acquire data connected to purchases of retail products, including names, addresses, dates of birth, and driver's licenses or government IDs.

The company has not released an official statement revealing who the threat actors are, but RansomHub gang has claimed that it breached the company's systems.

"While having access to the Rite-Aid network, we obtained over 10GB of customer information equating to around 45 million lines of people's personal information," the ransomware group said on its Dark Web leak site. "This information includes name, address, dl_id number, DoB, Rite Aid rewards number."

Rite Aid reportedly stopped negotiating a ransom, prompting the ransomware group to share snippets of what it claims is stolen data as proof and add a two-week deadline before more information will be leaked.