Home News Kroger Says Some HR Data and Pharmacy Records Were Possibly Compromised in Data Breach

Kroger Says Some HR Data and Pharmacy Records Were Possibly Compromised in Data Breach

Kroger Says Some HR Data and Pharmacy Records Were Possibly Compromised in Data Breach

Kroger was among the companies affected by a data breach caused by a weakness in a product offered by Accellion, a third-party company that the retailer used for secure file transfer services, according to a company press release.

The breach didn’t affect Kroger’s IT system, the store systems, debit or credit card information, and no customer data was misused, the retailer said, but it did impact certain HR data, money service records, and pharmacy records.

“At this time, based on the information provided by Accellion and its own investigation, Kroger believes that less than 1% of its customers, specifically customers of Kroger Health and Money Services, have been impacted,” the company said in Friday’s press release.

The supermarket chain, which has nearly 3,000 stores across the country, discontinued using the product and reported the data breach to federal law enforcement after being informed of the incident on January 23, Kroger said Friday.

Accellion informed Kroger that an unauthorized person gained access to Kroger files through a weakness in Accellion’s file transfer service, Kroger said.

Kroger also initiated its own investigation to determine the impact of the incident. The company is in the process of contacting potentially harmed customers and offering free credit monitoring.

Accellion did not immediately respond to a request for comment.

Accellion’s customers have been using the company’s product called File Transfer Appliance (FTA) which offers secure file-sharing services for sensitive files that are too large for email attachments. The product was used by law firms, including Jones Day, Insider previously reported. Earlier this month, Accellion announced that it is retiring its FTA systems and encouraged its customers to upgrade from the 20-year-old system to its newer product Kiteworks that “never reported” an external vulnerability in the four years it has been in the marketplace.

The company will not allow renewals to its FTA product after April 30, according to its website.

In January, Accellion said that it released a patch within 72 hours to less than 50 of its customers who have been impacted by the breach. The string of data breaches affected large organizations and companies around the world.

Among those affected was New Zealand’s Reserve Bank that became aware of the data breach in January. “Following this malicious attack, the software application was secured and closed,” the bank said in its statement on February 15.

The data breach that the bank experienced on December 25 impacted some files that contained personal email addresses, birthdates, credit information, the bank said. The bank also added that it is working directly with stakeholders to determine the number of individuals affected.

Singtel, Singapore’s telecommunications company, also experienced a data breach of its FTA Accellion system and said on Wednesday that it is working with the Cyber Security Agency of Singapore about the incident.

The company completed its investigation and concluded that 23 enterprises were affected and Singtel’s data logs, test data, reports, and emails were leaked, according to its statement. Exfiltrated data also included personal information such as birthdates and names of 129,000 customers and bank account details of 28 former Singtel employees, the company added.

Eskalera, a Startup Led by Goldman Sachs’ Former HR Head Has Launched a Diversity and Inclusion Index

Eskalera, a technology startup led by Goldman Sachs former human resources head Dane Holmes, has launched an index to measure corporate diversity and inclusiveness,...

HSBC to Remove 35,000 Jobs Amidst Covid-19 Crises

HSBC Holdings Plc has restarted cutting as many as 35,000 jobs, three months after the coronavirus outbreak forced it to pause a long-awaited overhaul...

Genpact Offers Its Internal Skill Training Program Globally for Everyone

Genpact has announced Adapt and Rise, a role-based online learning platform that leverages Genpact's expertise honed from delivering real-world change for hundreds of clients....

San-Francisco Based Learning Platform Degreed Has Raised $32 Million in New Funding

The upskilling platform, Degreed, has announced $32 million in new funding in direct response to overwhelming demand for better skill insights, talent mobility, and...

Research Shows the Implications of Workplace Layouts on Employee Productivity and Overall Performance

As some workplaces prepare for the gradual return of employees and overhaul office layouts and seating plans, research has shown this could also have...

Employee Concierge ‘Back Technologies’ Integrates Automation Into Internal HR and Other Support Tasks

Companies are under increasing pressure to automate workflows and digitally service their employees, particularly in light of trends toward remote work. It takes an...

HR Strategies to Help Your Business Navigate the New ‘Normal’

No business is immune to the massive changes resulting from the health crisis. Organizations have proven themselves to be agile, and employees have demonstrated...

The Importance Of Diversity And Inclusion In HR, Hiring, Talent Management: Thoughts From A Top Expert

Michael C. Hyter is one of today’s best-known experts on inclusion and diversity and the author of The Power of Choice: Embracing Efficacy to Drive Your Career and The...

HR Expert Highlights Actionable Steps to ‘Make Real Change’ Against Racism in Your Workplace

Kyra Leigh Sutton, Ph.D., is a faculty member at the Rutgers University School of Management and Labor Relations, where she teaches human resources courses...

Adidas Employees Want Company to Investigate HR Chief for Response to Racial Issues

A group of Adidas employees from around the globe is asking the company to investigate its chief human resources officer, as part of a...