Kroger data breach exposes pharmacy and employee data

BleepingComputer reports that supermarket firm Kroger suffered a data breach after they used the Accellion FTA software to transfer files. A security vulnerability found in the software allowed threat actors to hack and steal data from companies that use this service, and according to the retailer, they were the latest business to be affected by this incident. Accellion informed Kroger about the breach on January 23, which prompted the company to discontinue its use immediately. “At this time, based on the information provided by Accellion and our own investigation, Kroger believes the categories of affected data may include certain associates’ HR data, certain pharmacy records, and certain money services records. Importantly, there was no impact to grocery store data or systems; credit or debit card information; or customer account passwords,” Kroger said in its data breach advisory. Kroger is reaching out to anyone affected by the breach and is offering free credit monitoring to those affected individuals.