The grocery and pharmacy chain said that although it is notifying potentially impacted customers, offering them free credit monitoring, it believes less than 1% of its customers were affected — specifically some using its Health and Money Services — as well as some current and former employees because a number of personnel records were apparently viewed.
However, as per APNews, the breach did not affect Kroger stores’ IT systems or grocery store systems or data and there was no indication that fraud involving accessed personal data had occurred. Kroger said it was among victims of the December hack of a file-transfer product called FTA developed by Accellion, and that it was notified of the incident on 23 January, when it discontinued use of Accellion’s services.
Other Accellion customers affected by the hack include the University of Colorado, Washington State’s auditor, Australia’s financial regulator, the Reserve Bank of New Zealand, and the US-based law firm Jones Day. For Washington State’s auditor, the hack exposed files on 1.6 million claims obtained in its investigation of massive unemployment fraud in 2020. In the case of Jones Day, cybercriminals seeking to extort the law firm dumped an estimated 85 gigabytes of data online they claimed to have stolen.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now