mbi-logombi-logombi-logo-mobilembi-logo-mobile
  • Home
  • Agriculture
  • Business
  • Energy & Mining
  • Food
  • Healthcare
  • MPR News
  • National News
  • Retail
  • Tourism
✕
Senator seeks probe of natural gas price spikes during storm
February 20, 2021
Hospitality workers on edge, wondering if jobs will come back
February 20, 2021

Kroger is latest victim of third-party software data breach

BOSTON —

Kroger Co. says it was among the multiple victims of a data breach involving a third-party vendor’s file-transfer service and is notifying potentially impacted customers, offering them free credit monitoring.

The Cincinnati-based grocery and pharmacy chain said in a statement Friday that it believes less than 1% of its customers were affected — specifically some using its Health and Money Services — as well as some current and former employees because a number of personnel records were apparently viewed.

Kroger said the breach did not affect Kroger stores’ IT systems or grocery store systems or data and there was no indication that fraud involving accessed personal data had occurred.

The company, which has 2,750 grocery retail stores and 2,200 pharmacies nationwide, did not immediately respond to questions including how many customers might have been affected.

Kroger said it was among victims of the December hack of a file-transfer product called FTA developed by Accellion, a California-based company, and that it was notified of the incident on Jan. 23, when it discontinued use of Accellion’s services. Companies use the file-transfer product to share large amounts of data and hefty email attachments.

Accellion has more than 3,000 customers worldwide. It has said that the affected product was 20 years old and nearing the end of its life. The company said on Feb. 1 that it had patched all known FTA vulnerabilities.

Other Accellion customers affected by the hack include the University of Colorado, Washington State’s auditor, Australia’s financial regulator, the Reserve Bank of New Zealand and the prominent U.S. law firm Jones Day.

For Washington State’s auditor, the hack was particuarly serious. Exposed were files on 1.6 million claims obtained in its investigation of massive unemployment fraud last year.

In the case of Jones Day, cybercriminals seeking to extort the law firm dumped an estimated 85 gigabytes of data online they claimed to have stolen.

Former President Donald Trump is among Jones Day clients but the criminals told The Associated Press via email that none of the data was related to him.

Share

Related posts

March 24, 2023

Minnesota lawmakers likely to spend $100 million on broadband. How far will that go?

Read more
March 24, 2023

Settlement will wipe $6 billion in student loan debt — but not for these borrowers

Read more
March 21, 2023

Lawmakers consider influx of cash for Minnesota cities, counties facing inflation

Read more
✕

CATEGORIES

  • Agriculture
  • Announcements
  • Business
  • Business Focus
  • Energy & Mining
  • Featured
  • Food
  • Healthcare
  • MPR News
  • National News
  • Retail
  • Technology
  • Tourism

OUR MAGAZINE

Minnesota Business Insights is the premiere business web, digital and print media publication, built for entrepreneurs, visionaries, builders, and doers who are committed to growing the economy of the great state of Minnesota.

LATEST POSTS

  • Trump kicks off 2024 with a lifeless stump speech, folding indictment hysteria into a growing list of grievances
    March 26, 2023
  • Texas Lt. Governor Dan Patrick takes credit for arranging Trump's debut 2024 campaign rally: 'I picked Waco'
    March 25, 2023

ADVERT

© 2020 Minnesota Business Insights. All Rights Reserved.