Cyber Incident Victim: Tesco PLC
Date:
Jun 2024
Location:
United States of America
Summary
A cybersecurity breach occurred when an unauthorized party impersonated an employee to compromise business credentials and access systems, prompting immediate detection and investigation. The intruder obtained purchaser names, physical addresses, dates of birth, and government-issued identification details linked to specific retail transactions, though no financial data, Social Security numbers, or patient records were affected. The organization terminated the unauthorized access, reported the incident to authorities, and implemented enhanced security measures while notifying impacted individuals through direct communications and establishing a dedicated support line.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 2 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
The incident involving Rite Aid occurred on June 6, 2024, when an unidentified third party impersonated a company employee to compromise business credentials and gain unauthorized access to certain corporate systems. The breach was detected within 12 hours, prompting immediate investigation efforts to terminate the intrusion, remediate affected systems, and assess potential data compromise. Rite Aid engaged law enforcement and notified federal and state regulators following the discovery. Forensic analysis confirmed by June 17, 2024, that the attacker acquired purchaser information related to specific retail transactions occurring between June 6, 2017, and July 30, 2018. The compromised data included names, physical addresses, dates of birth, and driver's license numbers or other government-issued identification presented during purchases.
Rite Aid confirmed no social security numbers, financial account details, or patient health information were accessed during the breach. The company initiated direct mail notifications to consumers with verifiable addresses in their systems and established a dedicated toll-free assistance line operational until October 15, 2024, for inquiries. Internal response measures included implementing additional security controls to prevent similar impersonation-based attacks. The breach exclusively impacted retail purchase records from the specified 13-month period, with no evidence of system-wide compromise or ongoing unauthorized access beyond the initial 12-hour window before containment. Rite Aid completed system remediation following forensic review and maintained consumer notification procedures consistent with regulatory requirements.