Pharmacy large Ceremony Assist confirmed a knowledge breach after struggling a cyberattack in June, which was claimed by the RansomHub ransomware operation.
Ceremony Assist is the third-largest drugstore chain in the US, using over 6,000 pharmacists (out of a complete workforce of over 45,000) in additional than 1,700 retail pharmacy shops throughout 16 states.
The corporate instructed BleepingComputer on Friday that it is at present investigating a cyberattack detected in June and dealing on sending knowledge breach notifications to prospects affected by the ensuing knowledge breach.
It additionally added that it had restored all programs compromised within the incident with the assistance of exterior consultants it employed to handle the assault’s affect.
“Ceremony Assist skilled a restricted cybersecurity incident in June, and we’re finalizing our investigation. We take our obligation to safeguard private data very severely, and this incident has been a prime precedence,” Ceremony Assist mentioned.
“Along with our third-party cybersecurity companion consultants, we have now restored our programs and are totally operational. We’re sending notices to impacted customers.”
Whereas Ceremony Assist did not share what buyer knowledge was accessed within the breach or what number of people had been affected, it mentioned that the info breach would not affect well being or monetary data.
“Within the meantime, we will verify that no social safety numbers, monetary data, or affected person data had been impacted by this incident,” the corporate added.
Assault claimed by RansomHub gang
Although Ceremony Assist has but to share who was behind the June assault, the assertion got here after BleepingComputer reached out to verify the RansomHub ransomware gang’s claims that it breached the pharmacy large’s programs and stole prospects’ knowledge.
​”Whereas getting access to the Riteaid community we obtained over 10 GB of buyer data equating to round 45 million traces of individuals’s private data. This data contains identify, handle, dl_id quantity, dob, riteaid rewards quantity,” the risk group mentioned on their darkish internet leak web site.
After including Ceremony Assist to its leak web site as a result of the corporate supposedly stopped negotiating a ransom, the ransomware gang shared a screenshot of a number of the allegedly stolen knowledge as proof, saying that all the pieces can be leaked in two weeks.
Ceremony Assist did not reply to a request for extra particulars concerning the June assault after BleepingComputer reached out once more at present.
RansomHub is a comparatively new risk group that calls for ransom funds from victims in trade for not leaking stolen information, usually auctioning the information to the best bidder if negotiations fail.
They give attention to data-theft-based extortion somewhat than encrypting information, despite the fact that they had been recognized as a potential buyer of Knight ransomware source code.
Final month, RansomHub claimed duty for breaching the programs of U.S. telecom supplier Frontier Communications in April, forcing them to shut down systems to include the breach and stealing the information of 750,000 customers.
