Wegmans Food Markets disclosed a data breach, the supermarket chain notified customers that some of their information was exposed as a result of the accidental availability online of two of its databases due to a configuration issue.
The company became aware of the issue after a security researcher reported it, then Wegmans launched an investigation into the incident and hired a leading forensics firm to secure the misconfiguration.
Exposed data include customers’ names, addresses, phone numbers, birth dates, Shoppers Club numbers, as well as e-mail addresses and Wegmans.com account passwords. The company pointed out that account passwords were “hashed” and “salted,” while actual passwords were not contained in the databases.
