Rite Aid faced a cyberattack that resulted in a $6.8 million settlement due to a breach that compromised the personal information of over 2 million customers. Between June 6, 2017, and July 30, 2018, attackers, posing as a Rite Aid employee, gained access to business systems and exfiltrated personal details including names, addresses, birth dates, and government IDs. The breach was identified quickly, and the company undertook an internal investigation to address the situation.
Source: https://databreaches.net/2025/03/05/rite-aid-agrees-to-6-8m-settlement-over-data-breach-lawsuit/
"id": "rit522030625",
"linkid": "riteaid",
"type": "Breach",
"date": "3/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"