The Rite Aid Corporation, a leading American drugstore chain, disclosed a significant data breach when it fell victim to the RansomHub ransomware attack in June. The breach resulted in the theft of 10 GB of data, comprising around 45 million records of personal information including names, addresses, driver's license numbers, dates of birth, and rewards numbers. This cyber incident follows a previous breach in May 2023, indicating a pattern of security challenges for the company.
Source: https://securityaffairs.com/165674/data-breach/rite-aid-corporation-data-breach.html
TPRM report: https://scoringcyber.rankiteo.com/company/riteaid
"id": "rit000071424",
"linkid": "riteaid",
"type": "Ransomware",
"date": "7/2024",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 45000000,
'industry': 'Retail',
'location': 'United States',
'name': 'Rite Aid Corporation',
'type': 'Drugstore Chain'}],
'attack_vector': 'Ransomware',
'data_breach': {'data_exfiltration': True,
'number_of_records_exposed': 45000000,
'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['names',
'addresses',
"driver's license numbers",
'dates of birth',
'rewards numbers']},
'date_detected': 'June 2023',
'date_publicly_disclosed': 'June 2023',
'description': 'Rite Aid Corporation suffered a data breach due to a '
'RansomHub ransomware attack, resulting in the theft of 10 GB '
'of data comprising around 45 million records of personal '
'information.',
'impact': {'data_compromised': ['names',
'addresses',
"driver's license numbers",
'dates of birth',
'rewards numbers']},
'motivation': 'Financial Gain',
'ransomware': {'data_exfiltration': True, 'ransomware_strain': 'RansomHub'},
'references': [{'source': 'Cyber Incident Description'}],
'threat_actor': 'RansomHub',
'title': 'Rite Aid Corporation Data Breach',
'type': 'Data Breach'}