Rite Aid Corporation Hit by Ransomware Attack: Cybercriminals Threaten to Leak Sensitive Data

Rite Aid Corporation, a prominent American chain of drugstores, has reportedly fallen victim to a ransomware attack, according to a statement released by the company. The cyber incident, which occurred in June, has been described as a “limited cybersecurity incident” by Rite Aid, who is currently conducting an investigation into the matter.

In a chilling twist, the ransomware group known as RansomHub has claimed responsibility for the attack, boasting that they have extracted a significant amount of sensitive data from Rite Aid’s networks. The group has threatened to leak the compromised data if their demands are not met by a specified deadline.

RansomHub alleges that negotiations with Rite Aid had initially progressed, with an agreement on a ransom amount reached, only for communication to abruptly cease. The group has since posted a sample of the stolen information, which includes personal details such as names, addresses, dates of birth, and driver’s license numbers.

Despite the breach, Rite Aid has assured customers that no social security numbers, financial information, or patient data were impacted. The drugstore chain has stated that it is in the process of notifying affected consumers, although specifics regarding the notification process have not been disclosed.

This recent cyber incident is not the first time Rite Aid has been targeted by ransomware attacks, as the company was previously listed as a victim in the MOVEit hacks last year. With RansomHub emerging as a key player in the ransomware ecosystem, cybersecurity experts are closely monitoring the group’s activities and potential future targets.