On July 15, 2024, Rite Aid Corporation filed a notice of data breach with the Attorney General of Maine after discovering that an unauthorized party was able to access the company’s IT network. In this notice, Rite Aid explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information, which includes their names, addresses, dates of birth, driver’s license numbers, and other government-issued identification numbers. Upon completing its investigation, Rite Aid began sending out data breach notification letters to all individuals whose information was affected by the recent data security incident.
If you received a data breach notification from Rite Aid Corporation, it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options following the Rite Aid data breach. For more information, please see our recent piece on the topic here.
What Caused the Rite Aid Data Breach?
The Rite Aid data breach was only recently announced, and more information is expected in the near future. However, Rite Aid’s filing with the Attorney General of Maine provides some important information on what led up to the breach. According to this source, on June 6, 2024, Rite Aid learned of a data security incident in which an unauthorized party impersonated a Rite Aid employee to obtain their credentials and gain access to Rite Aid’s computer systems. Rite Aid detected the incident within 12 hours and, in response, terminated all unauthorized access and then launched an investigation to determine what, if any, consumer information was leaked as a result.
On June 17, 2024, Rite Aid’s investigation confirmed that an unauthorized party was able to access confidential consumer information that was stored on the company’s computer network.
After learning that sensitive consumer data was accessible to an unauthorized party, Rite Aid reviewed the compromised files to determine what information was leaked and which consumers were impacted. While the breached information varies depending on the individual, it may include your name, address, date of birth, driver’s license number, and other government-issued identification number. Specifically, the information belonged to customers who visited a Rite Aid store between June 6, 2017 and July 30, 2018.
On July 15, 2024, Rite Aid sent out data breach letters to anyone who was affected by the recent data security incident. These letters should provide victims with a list of what information belonging to them was compromised.
More Information About Rite Aid Corporation
Founded in 1968, Rite Aid Corporation is a drug store and pharmacy chain based out of Camp Hill, Pennsylvania. Rite Aid is the third-largest drugstore in the United States, with over 2,000 stores. Rite Aid is publicly traded on the New York Stock Exchange under the symbol “RAD.” Rite Aid employs more than 51,000 people and generates approximately $23.5 billion in annual revenue.