On February 19, 2021, Kroger Co. (Kroger) confirmed that the company was affected by an extensive Accellion data breach. Accellion is a California-based, third-party vendor that provides file-transfer services.
The grocery and pharmacy chain giant was notified of the cyberattack on January 23, 2021. The company claims to have immediately discontinued the use of Accellion’s products and services and reported the incident to law enforcement.
Kroger is in the process of notifying affected individuals. While they continue to investigate the cyberattack, they have identified the following affected parties so far:
The company claims the data breach did not affect Kroger stores’ IT systems or grocery store systems or data and that approximately one percent of its customers were affected. However, personal information exposed in the incident is highly confidential and could include:
Kroger is offering credit monitoring services to affected individuals.
The retailer has 2,750 grocery stores and 2,200 pharmacies located in 35 states. Based in Cincinnati, Kroger employs approximately 500,000 people with annual revenues of over $120 billion.
NOTICE: A legal complaint has been filed against Kroger regarding this data breach. If you received a NOTICE OF DATA BREACH, you may be a class member.
Class members are automatically in the class unless you opt out and no further action will be required by you. Class members have a passive role throughout class action litigation. If the lawsuit is successful, all class members receive equal compensation which is awarded to all class members, regardless of the degree of harm they suffered.