Ahold Delhaize, the parent company of major US supermarket chains including Stop & Shop, Giant, Food Lion, Hannaford, and The Giant Company, has confirmed a data theft following claims made by the INC Ransomware group. The company stated that a limited set of data was stolen as a result of a cyberattack impacting a third-party service provider they use for some of their US banners.
The confirmation comes after the INC Ransomware gang added Ahold Delhaize to their list of victims in early May. The ransomware group publicly claimed responsibility for the breach and reportedly posted samples of the stolen data online as proof.
According to Ahold Delhaize, the cyberattack targeted a service provider that assists with certain operations for their US brands. While the investigation is ongoing to determine the full scope of the incident, the company has acknowledged that customer data was compromised in the attack.
The type of personal information potentially affected by this data breach is still being assessed. Based on typical incidents targeting retail operations, it could include details such as customer names, addresses, email addresses, phone numbers, potentially order histories, transaction information, or details related to reward programs. Ahold Delhaize has not publicly detailed the specific categories of data confirmed stolen at this time, stating only it was a “limited set.”
In response to the incident, Ahold Delhaize has engaged external cybersecurity experts to assist with their investigation. They are working to understand the extent and impact of the breach and are taking steps to secure the affected systems. The company has also stated that they have notified relevant authorities about the data theft.
Customers of the affected US banners are advised to remain vigilant for any suspicious activity or communications. Ahold Delhaize has indicated they will directly notify individuals whose personal information is determined to have been affected by the data breach once their investigation provides a clearer picture of the impact. The focus remains on understanding the full scope and ensuring affected individuals are informed appropriately.
Source: https://www.bleepingcomputer.com/news/security/ahold-delhaize-confirms-data-theft-after-inc-ransomware-claims-attack/
