Pharmacy Giant Rite Aid Hit By Ransomware

Rite Aid has become the latest high street name to fall victim to ransomware actors, after it revealed a “limited” cybersecurity incident took place last month.

A statement from the firm said it was “finalizing” the incident response investigation.

“Together with our third-party cybersecurity partner experts, we have restored our systems and are fully operational,” Rite Aid said.

“We take our obligation to safeguard personal information very seriously, and this incident has been a top priority. We appreciate your patience until we can provide additional information.”

According to screenshots posted to X (formerly Twitter), ransomware group RansomHub was to blame for the incident. The group posted on its leak site that it had obtained 10GB of data from the pharmacy, equating to “45 million lines” of personal information on customers.

“This information includes name, address, id number, dob, riteaid rewards number,” the post continued. “Suddenly at the end of negotiations once we both came to an agreement they stopped communications. From this it is obvious that the Riteaid leadership don’t value the safety of its customers sensitive details.”

RansomHub emerged in February 2024 and boasts former ALPHV/BlackCat affiliates among its ranks. It famously tried to extort Change Healthcare a second time, after the firm paid ALPHV a $22m ransom earlier this year.

Last month, news emerged that the prolific Scattered Spider cybercrime group had become a RansomHub affiliate. The group often uses native English language skills to socially engineer employees into handing over credentials for initial access.

It’s been responsible for a number of high-profile ransomware incidents affecting large organizations in the past year, including MGM International, Caesars Entertainment and Okta.

Rite Aid is the third-largest pharmacy chain in the US, with over 2000 locations countrywide and more than $24bn in revenue.

Image credit: JHVEPhoto / Shutterstock.com

Pharmacy Giant Rite Aid Hit By Ransomware

Phil Muncaster

You may also like

ALPHV Second Most Prominent Ransomware Strain Before Reported Downtime

BlackCat Ransomware Group Reports Victim to SEC

Scattered Spider Now Affiliated with RansomHub Following BlackCat Exit

MGM Criticized for Repeated Security Failures

Estee Lauder Breached by Two Ransomware Groups

What’s hot on Infosecurity Magazine?

Russia's FSB Behind Massive Phishing Espionage Campaign

Geopolitical Tensions Drive Explosion in DDoS Attacks

New Phishing Attack Uses Sophisticated Infostealer Malware

Nigerian 'Yahoo Boys' Behind Social Media Sextortion Surge in the US

Cyber-criminals Exploited Paris Olympics With Fake Domains

Research Uncovers New Microsoft Outlook Vulnerability

UN Adopts Controversial Cybercrime Treaty

South Korea Warns Pyongyang Has Stolen Spy Plane Details

Vulnerability in Windows Driver Leads to System Crashes

SolarWinds Urges Upgrade After Revealing Critical RCE Bug

Manufacturing Firm Loses $60m in BEC Scam

#BHUSA: CrowdStrike Outage Serves as Dress Rehearsal for China-Led Cyber-Attacks

The Future of Fraud: Defending Against Advanced Account Attacks

How to Secure Industrial IP with Data Loss Protection Strategies

How to Optimize Third-Party Risk Management Programs Through NIST CSF 2.0

How to Proactively Remediate Rising Web Application Threats

Supercharge Your Security With Intelligence-Driven Threat Hunting

Experiencing a DDoS Simulation to Enhance Defenses

CISA's Jack Cable Discusses US Push for More Secure Software

How to Respond Effectively During a Ransomware Attack

CrowdStrike Windows Outage: What We Can Learn

#BHUSA: CrowdStrike Outage Serves as Dress Rehearsal for China-Led Cyber-Attacks

Infosecurity Magazine Autumn Online Summit 2024: Day One

Infosecurity Magazine Autumn Online Summit 2024: Day Two

Pharmacy Giant Rite Aid Hit By Ransomware

Written by

You may also like

What’s hot on Infosecurity Magazine?