Rite Aid has become the latest high street name to fall victim to ransomware actors, after it revealed a “limited” cybersecurity incident took place last month.
A statement from the firm said it was “finalizing” the incident response investigation.
“Together with our third-party cybersecurity partner experts, we have restored our systems and are fully operational,” Rite Aid said.
“We take our obligation to safeguard personal information very seriously, and this incident has been a top priority. We appreciate your patience until we can provide additional information.”
According to screenshots posted to X (formerly Twitter), ransomware group RansomHub was to blame for the incident. The group posted on its leak site that it had obtained 10GB of data from the pharmacy, equating to “45 million lines” of personal information on customers.
“This information includes name, address, id number, dob, riteaid rewards number,” the post continued. “Suddenly at the end of negotiations once we both came to an agreement they stopped communications. From this it is obvious that the Riteaid leadership don’t value the safety of its customers sensitive details.”
RansomHub emerged in February 2024 and boasts former ALPHV/BlackCat affiliates among its ranks. It famously tried to extort Change Healthcare a second time, after the firm paid ALPHV a $22m ransom earlier this year.
Last month, news emerged that the prolific Scattered Spider cybercrime group had become a RansomHub affiliate. The group often uses native English language skills to socially engineer employees into handing over credentials for initial access.
Scattered Spider has been responsible for a number of high-profile ransomware incidents affecting large organizations in the past year, including MGM International, Caesars Entertainment and Okta.
Rite Aid is the third-largest pharmacy chain in the US, with over 2000 locations countrywide and more than $24bn in revenue.