Major Food Retailer Discloses Alarming Data Breach Impacting 2.2M Customers
Food retail giant Ahold Delhaize, parent company of well-known American brands like Food Lion, Stop & Shop, Giant Food, and Hannaford, has confirmed a significant data breach impacting over 2.24 million individuals. The incident, stemming from a November 2024 ransomware attack on its U.S. internal business systems, has exposed a wide array of sensitive personal, financial, and even health information.
The breach, which was disclosed in a filing with Maine's Attorney General on June 26 (Thursday), revealed that attackers gained unauthorized access to Ahold Delhaize USA's systems on November 6, 2024. While the company has not explicitly stated whether customer data was compromised, it confirmed that the stolen files mainly contained internal employment records belonging to current and former employees of Ahold Delhaize USA companies.
The scope of the compromised data is rather extensive, although it does vary for each affected individual. It includes a combination of personal details such as names, contact information (like postal and email addresses as well as telephone numbers), birth dates, and government-issued identification numbers, including Social Security, passport, and driver's license numbers. Just as alarmingly, financial account information, such as bank account numbers, and sensitive health information, including workers' comp and medical details from employment records, were also siphoned.
The breach, which was disclosed in a filing with Maine's Attorney General on June 26 (Thursday), revealed that attackers gained unauthorized access to Ahold Delhaize USA's systems on November 6, 2024. While the company has not explicitly stated whether customer data was compromised, it confirmed that the stolen files mainly contained internal employment records belonging to current and former employees of Ahold Delhaize USA companies.
The scope of the compromised data is rather extensive, although it does vary for each affected individual. It includes a combination of personal details such as names, contact information (like postal and email addresses as well as telephone numbers), birth dates, and government-issued identification numbers, including Social Security, passport, and driver's license numbers. Just as alarmingly, financial account information, such as bank account numbers, and sensitive health information, including workers' comp and medical details from employment records, were also siphoned.
In Maine alone, the breach has affected 95,463 residents, prompting the prerequisite notification of consumer reporting agencies. To mitigate the potential fallout for anyone affected, Ahold Delhaize is offering 24 months of complimentary credit monitoring and identity protection services through Experian.
The Dutch grocery conglomerate has refrained from publicly naming the perpetrators behind the cyberattack, but it must be noted that the INC Ransom ransomware group had added the retail giant to its dark web extortion portal in April. The group subsequently leaked samples of documents, claiming they were stolen from the compromised Ahold Delhaize systems.
INC Ransom, a ransomware-as-a-service (RaaS) operation that emerged in July 2023, has rapidly gained notoriety for targeting organizations across both public and private sectors. The group has claimed 250 victims in the past two years, with targets including government entities, healthcare providers, educational institutions, and industrial corporations. Notable past victims include Scotland's National Health Service, Yamaha Motor Philippines, and the U.S. division of Xerox Business Solutions. The group also claimed responsibility for an attack on the State Bar of Texas in April, which led to a warning for over 100,000 members about stolen sensitive data.
