:strip_exif(true):strip_icc(true):no_upscale(true):quality(65)/cloudfront-us-east-1.images.arcpublishing.com/gmg/O6XCX4T3LZGH3DXNBKDBGGDSXE.jpg)
[ad_1]
BOSTON – Kroger Co. says it is among multiple victims of a data breach involving a third-party vendor’s file transfer service and is notifying potentially affected customers, offering them free credit monitoring.
The Cincinnati-based grocery and drugstore chain said in a statement Friday that it believed less than 1% of its customers were affected – especially some using its health and money services – as well as some current employees. and old because a number of personal files were apparently seen.
Kroger said the breach did not affect any computer systems or grocery store systems or data at Kroger stores, and there was no indication that fraud involving access to personal data had taken place.
The company, which has 2,750 retail grocery stores and 2,200 drugstores across the country, did not immediately respond to questions about the number of customers who may have been affected.
A d
Kroger said he was among the victims of the December hack of a file transfer product called FTA developed by Accellion, a California-based company, and was made aware of the incident on January 23, when ‘he has stopped using Accellion’s services. Businesses use the file transfer product to share large amounts of data and large attachments.
Accellion has more than 3,000 customers around the world. He said the affected product was 20 years old and was near the end of its life. The company said on February 1 that it fixed all known vulnerabilities in FTA.
Other Accellion clients affected by the hack include the University of Colorado, the Washington State auditor, the Australian financial regulator, the Reserve Bank of New Zealand, and prominent US law firm Jones Day. .
A d
For the Washington state auditor, the hack was particularly serious. The files of 1.6 million compensation claims obtained as part of its investigation into massive unemployment fraud last year have been exposed.
In the case of Jones Day, cybercriminals seeking to extort the law firm emptied approximately 85 gigabytes of online data that they claimed to have stolen.
Former President Donald Trump is among Jones Day’s clients, but criminals told The Associated Press by email that none of the data was linked to him.
Copyright 2021 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed without permission.
[ad_2]
Source link