Rite Aid Data Breach Impacts 2.2M Customers, Personal Data Exposed

The personal data of more than 2.2 million customers has been exposed after drugstore chain Rite Aid was hit by a data breach.

According to a filing with the Massachusetts attorney general, Rite Aid said personal information was exposed following an incident on June 6 when an unknown party impersonated a company employee using their business credentials to gain access to systems. 

Rite Aid said the incident was detected within 12 hours, prompting an immediate internal investigation to terminate the unauthorized access, remediate affected systems and determine if any customer data was impacted.

The compromised data included customer names, addresses, dates of birth and driver’s license numbers or other government-issued ID presented for purchases between June 6, 2017, and July 30, 2018 

Rite Aid said no social security numbers, financial or patient information was impacted. 

The company said it’s implementing additional security measures to prevent future attacks. Rite Aid also told customers it’s offering free identity monitoring for those impacted. 

Rite Aid’s breach announcement comes just days after AT&T announced a cyberattack put the call and text data of nearly all AT&T wireless customers and those of its mobile virtual network operators at risk.

Related:AT&T Cyberattack Impacts Call, Text Data of Wireless Customers