Kroger reveals third-party software data breach

Monday 22 February 2021 10:11 CET | News

Kroger Co. has announced it was among the victims of a data breach involving a third-party vendor’s file-transfer service.

The grocery and pharmacy chain said that although it is notifying potentially impacted customers, offering them free credit monitoring, it believes less than 1% of its customers were affected — specifically some using its Health and Money Services — as well as some current and former employees because a number of personnel records were apparently viewed.

However, as per APNews, the breach did not affect Kroger stores’ IT systems or grocery store systems or data and there was no indication that fraud involving accessed personal data had occurred. Kroger said it was among victims of the December hack of a file-transfer product called FTA developed by Accellion, and that it was notified of the incident on 23 January, when it discontinued use of Accellion’s services. 

Other Accellion customers affected by the hack include the University of Colorado, Washington State’s auditor, Australia’s financial regulator, the Reserve Bank of New Zealand, and the US-based law firm Jones Day. For Washington State’s auditor, the hack exposed files on 1.6 million claims obtained in its investigation of massive unemployment fraud in 2020. In the case of Jones Day, cybercriminals seeking to extort the law firm dumped an estimated 85 gigabytes of data online they claimed to have stolen.

More: Link

Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords: Kroger, third-party software, data breach, fraud, credit monitoring, data, cybercrime
Categories: Fraud & Financial Crime
Countries: World
This article is part of category

Fraud & Financial Crime

Industry Events