Kroger Confirms Data Breach

NOTICE: If you are a Kroger employee or pharmacy, health clinic, or money service customer and received a NOTICE OF DATA BREACH, contact the Arnold Law Firm at (916) 777-7777

kroger data breachOn February 19, 2021, Kroger Co. (Kroger) confirmed that the company was affected by an extensive Accellion data breach. Accellion is a California-based, third-party vendor that provides file-transfer services.

The grocery and pharmacy chain giant was notified of the cyberattack on January 23, 2021. The company claims to have immediately discontinued the use of Accellion’s products and services and reported the incident to law enforcement.

Kroger is in the process of notifying affected individuals. While they continue to investigate the cyberattack, they have identified the following affected parties so far:

  • Kroger Health and Money Services users (pharmacy, health clinic, and money service customers)
  • Current employees
  • Some former employees

The company claims the data breach did not affect Kroger stores’ IT systems or grocery store systems or data and that approximately one percent of its customers were affected. However, personal information exposed in the incident is highly confidential and could include:

  • Names
  • Phone numbers
  • Dates of birth
  • Home addresses
  • Medical history
  • Email addresses
  • Money service records 
  • Social Security numbers
  • Prescription information
  • Health insurance information

Kroger is offering credit monitoring services to affected individuals.

The retailer has 2,750 grocery stores and 2,200 pharmacies located in 35 states. Based in Cincinnati, Kroger employs approximately 500,000 people with annual revenues of over $120 billion.

NOTICE: If you are a Kroger employee or pharmacy, health clinic, or money service customer and received a NOTICE OF DATA BREACH, contact the Arnold Law Firm at (916) 777-7777 to discuss your situation and possibly developing legal options.