Rite Aid confirms a ‘limited cybersecurity incident’ after ransomware group claims attack


The American pharmacy chain Rite Aid said it experienced a “limited cybersecurity incident” in June that affected some of the company’s systems. 

In a statement, a spokesperson for Rite Aid said they are in the process of finalizing an investigation into the incident, which they called a “top priority.”

“Together with our third-party cybersecurity partner experts, we have restored our systems and are fully operational. We are sending notices to impacted consumers,” the spokesperson said.

They added that no Social Security numbers, financial information or patient information was impacted by the attack. 

The attack on Rite Aid came to light this week when the RansomHub ransomware operation claimed to have attacked the company. In a dark web post the cybercriminals said they stole 10 gigabytes of data that includes customer information like ID numbers and Rite Aid rewards numbers.

The Philadelphia-based company did not answer further questions about whether the incident involved ransomware, what data was accessed and whether a ransom was paid. 

Rite Aid is one of the largest drugstore chains in the United States, with more than 1,700 stores across 16 states. It reported $5.7 billion in revenue last quarter but filed for bankruptcy in October due to federal lawsuits surrounding the opioid crisis. 

RansomHub — which drew headlines earlier this year for hosting data stolen from a subsidiary of insurance giant UnitedHealth Group — said it was negotiating with Rite Aid before the company broke off communications. The group threatened to leak stolen data if a ransom isn’t paid by a July 24 deadline.

Rite Aid is already facing lawsuits for a data breach in May 2023 that exposed the patient names, dates of birth, addresses, prescription data, prescriber information, and limited insurance data of more than 24,000 people. 

The company also filed breach notifications with regulators in California in 2015, 2017 and 2018.

The healthcare industry has been affected by a spree of cyber incidents this year. The attacks on UnitedHealth Group and several other industry cogs have prompted renewed calls for federal cyber regulations governing the sector. 

On Friday, Sen. Mark R. Warner (D-VA) wrote to Department of Health and Human Services (HHS) Secretary Xavier Becerra and Deputy National Security Advisor Anne Neuberger asking them to move quicker in releasing mandatory minimum cyber standards for the healthcare sector.

“More important than the economic risks cyberattacks pose to the health care sector are the vulnerabilities to patients’ access to care and private health information. Simply put, inadequate cybersecurity practices put people’s lives at risk,” he said, adding that cybersecurity is a “patient safety issue.”

“The stakes are too high, and the voluntary nature of the status quo is not working, especially regarding health care stakeholders that are systemically important nationally or regionally.”


Jonathan Greig is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.

 
