Kroger Confirms Data Breach
On February 19, 2021, Kroger Co. (Kroger) confirmed that the company was affected by an extensive Accellion data breach. Accellion is a California-based, third-party vendor that provides file-transfer services.
The grocery and pharmacy chain giant was notified of the cyberattack on January 23, 2021. The company claims to have immediately discontinued the use of Accellion’s products and services and reported the incident to law enforcement.
Kroger is in the process of notifying affected individuals. While they continue to investigate the cyberattack, they have identified the following affected parties so far:
- Kroger Health and Money Services users (pharmacy, health clinic, and money service customers)
- Current employees
- Some former employees
The company claims the data breach did not affect Kroger stores’ IT systems or grocery store systems or data and that approximately one percent of its customers were affected. However, personal information exposed in the incident is highly confidential and could include:
- Names
- Phone numbers
- Dates of birth
- Home addresses
- Medical history
- Email addresses
- Money service records
- Social Security numbers
- Prescription information
- Health insurance information
Kroger is offering credit monitoring services to affected individuals.
The retailer has 2,750 grocery stores and 2,200 pharmacies located in 35 states. Based in Cincinnati, Kroger employs approximately 500,000 people with annual revenues of over $120 billion.
NOTICE: A legal complaint has been filed against Kroger regarding this data breach. If you received a NOTICE OF DATA BREACH, you may be a class member.
How Do I Join a Class Action Suit?
Class members are automatically in the class unless you opt out and no further action will be required by you. Class members have a passive role throughout class action litigation. If the lawsuit is successful, all class members receive equal compensation which is awarded to all class members, regardless of the degree of harm they suffered.