Giant supermarket chain Kroger suffered data breach after breaching a service used to transfer files securely and hackers stole files.
Kroger is one of the largest retailers in the world, with nearly 2.800 stores in 35 states. Kroger employs about 500.000 people and had sales of over $ 122 billion for 2019.
Yesterday, Kroger revealed that it was the last company to be affected by a security vulnerability in Accellion FTA software that allowed hacker to steal data from companies that use the service.
According to the data breach advisory published yesterday, the Kroger chain was informed by Accellion of their breach on January 23, 2021 and immediately discontinued using the service.
As part of their investigation into the attack, Kroger concluded that the breach did not affect grocery data, including payment informationς. However, the breach revealed human resources data and pharmacy records.
Kroger says they are in the process of contacting those affected. For those affected, the company offers a free one year credit monitoring.
Accellion attacks have a wide impact
Kroger is just one of many major companies affected by the Accellion FTA vulnerability that hackers have exploited in recent months.
In mid-December, Accellion revealed that it had learned about one active exploitation of vulnerability zero-day to secure FTA file transfer service. Hackers took advantage of this vulnerability to steal data from companies that used the service to communicate with their customers and partners. safety.
Accellion released one patch on Christmas day, but the companies received the update and implemented it after the hackers had already acquired access in their data.
Some of those affected by the Accellion breach have taken some notes on ransom from hackers who demand to paid, otherwise their data will be made public.
Source of information: bleepingcomputer.com
Greek
Chinese (Simplified)
English
Greek
Russian