Yesterday, Rite-Aid, the United States’ third largest pharmacy chain, reported 2.2 million customers data have been exposed to hackers and would-be thieves. The breach included names, addresses, phone numbers, and drivers license numbers.

Who Was Affected?

Rite-Aid claims consumers in Oregon, Vermont, Maine, and Massachusetts were potentially in the leak. Also, the breach affected customers making purchases between June 6, 2017 and July 30, 2018. According to Rite-Aid, no social security numbers, financial information, nor patient information were leaked.

RansomHub, hacker group, has taken credit for the attack. As of this year, RansomHub is considered the most threatening hacker group on Earth. According to RansomHub, the hacker group was negotiating with Rite-Aid to keep the breach and customer data secret. At some point, Rite-Aid officials cut off communications with the hackers and proceeded to announce the breach and leak customer information. Rite-Aid officials have declined to comment to the press. They’ve also declined to admit any details of how internal accounts were compromised or if they were protected by multi factor authentication.

Always Be Vigilant

We can’t be responsible for a company’s internal security. We’re not in charge of patching systems, issuing security awareness training, or configuring routers. However, we all have a responsibility in protecting our own information.

When you’re online, consider enabling multi-factor authentication for your financial and social accounts. Be sure to keep your credit card information private and only make purchases at reputable brands. If you suspect your financial accounts may have been compromised, cancel your cards and work with your bank to get new ones issued.

Be safe out there.