Data accessible on all Giant Eagle staffers due to employee portal issue

Share this article:

All employees with Pennsylvania-based supermarket chain Giant Eagle are being notified that, due to an issue, their personal information – including Social Security numbers – could have been accessed by anyone properly logged into the MyHRConnection Team Member portal.

How many victims? Undisclosed, but Giant Eagle employs more than 36,000 Team Members, according to the latest statistics on the website. 

What type of personal information? Names and Social Security numbers.

What happened? Due to an issue, employee data could have been accessed by anyone properly logged into the MyHRConnection Team Member portal.

What was the response? An investigation is ongoing. The problematic functionality in the MyHRConnection Team Member portal was disabled. All impacted individuals are being notified, and offered a free year of credit monitoring services.

Details: A Team Member notified Giant Eagle of the issue on May 24, and the problematic functionality was disabled on May 27. The incident impacts employees of Giant Eagle and employees of Giant Eagle-related employers or Giant Eagle independent retailers, for which Giant Eagle provided payroll services.

Quote: “It is also important to note that to date, we are not aware of any reports of identity fraud, theft or other harmful activity resulting from this issue,” according to a notification by Laura Karet, CEO of Giant Eagle.

Source: doj.nh.gov, “Re: Giant Eagle, Inc.,” June, 13 2014.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

RECENT COMMENTS

FOLLOW US

More in The Data Breach Blog

About 60K transactions possibly affected in Cape May-Lewes Ferry breach

The security of card processing systems relating to food, beverage and retail sales at the Cape May-Lewes Ferry was compromised and payment card data may be at risk.

Arkansas State University-Beebe is investigating a potential breach

Arkansas State University-Beebe is notifying students and employees of a service running on one of its servers that could pose a potential breach to the system.

Unencrypted discs missing, Arizona State Retirement System notifies 44,000

Arizona State Retirement System notifies nearly 44,000 individuals enrolled in dental plans that two unencrypted discs containing their personal information are missing.