Kroger Company Investigating Security Breach At Smith’s, Other Pharmacies
Feb 19, 2021, 4:27 PM
West Virginia has settled with Kroger for $68 million over its role in distributing highly addictive prescription painkillers into the U.S. state that has lost more lives to opioid overdoses per capita than any other. (Photo by Scott Olson/Getty Images)
(Photo by Scott Olson/Getty Images)
CINCINNATI, Ohio – Kroger Company contacted pharmacy customers who may have been affected by a security breach at its family of stores which includes Smith’s.
A news release said an unauthorized person hacked through a vulnerability in software that was supplied by Accellion, a company that provides secure file transfers.
Kroger stopped using the software once it was informed of the breach and launched a forensic investigation to determine how widespread the attack was.
Smith’s Food and Drug is far from the only brand listed in the news release which included more than a dozen grocery and pharmacy chains associated with the Kroger Company.
The Kroger Co. Health and Welfare Benefit Plan and the Kroger Co. Retiree Health and Welfare Benefit plan were also targeted.
A news release said, “While Kroger has no indication of fraud or misuse of personal information as a result of this incident, out of an abundance of caution Kroger has arranged to offer credit monitoring to all affected individuals at no cost to them.”
Kroger said only services provided by Accellion were affected and the attack did not include IT systems, grocery store systems, or data. No credit card, debit card, or digital wallet information, or customer account passwords were affected.
Still, Kroger said the stolen information included names, Social Security Numbers, birth dates, email addresses, phone numbers, and prescription information.
Kroger will notify customers who were affected.
More information is available on the Kroger website.
